BOINC Server Stored Cross-Site Scripting Vulnerability
Vulnerability
A stored cross-site scripting vulnerability has been identified in BOINC Server versions through 1.4.7. This issue allows malicious JavaScript to be injected and executed in the inboxes of users, specifically through the pm.php module. The vulnerability arises from improper input handling in the BBCode parser, enabling the injection of harmful scripts that execute when the affected user views their inbox or profile.
Impact
Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing their inbox or profile.
Reproduction
To reproduce this vulnerability, send a message through the pm.php module by accessing the 'new' action. Address the message to the target user and include a payload in the message content that exploits the BBCode parser, such as a crafted email tag. Once the message is sent, the injected script will execute when the recipient opens their inbox or profile.
Remediation
Users are advised to update to the latest version of BOINC Server.
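The bug class described above (BBCode tag content reaching HTML without encoding), shown next to a hardened form. This is an added example, not BOINC's parser code: the function names, the regular expression and the sample message are assumptions constructed for illustration, and the sample carries only a harmless <b> marker.

```php
<?php
// Added example: hypothetical [email] tag renderers, not BOINC's parser code.

const ESC = ENT_QUOTES | ENT_SUBSTITUTE;
const EMAIL_TAG = '#\[email\](.*?)\[/email\]#is';

// Naive form: tag content goes straight into an attribute and element body,
// so a double quote in the content ends the href attribute early.
function render_email_naive(string $text): string {
    return preg_replace(EMAIL_TAG, '<a href="mailto:$1">$1</a>', $text) ?? $text;
}

// Hardened form: HTML-encode the whole message first, then turn only
// syntactically valid addresses into links.
function render_email_hardened(string $text): string {
    $encoded = htmlspecialchars($text, ESC, 'UTF-8');
    $out = preg_replace_callback(EMAIL_TAG, function (array $m): string {
        // $m[1] is already HTML-encoded; decode it only to validate it.
        $raw = htmlspecialchars_decode($m[1], ESC);
        if (filter_var($raw, FILTER_VALIDATE_EMAIL) === false) {
            return $m[0]; // not an address: leave it as inert, encoded text
        }
        // Emit the encoded form in both the attribute and the link text.
        return '<a href="mailto:' . $m[1] . '">' . $m[1] . '</a>';
    }, $encoded);
    return $out ?? $encoded; // on a regex error, fall back to encoded text
}

// Constructed sample message: one valid address, one malformed tag body.
$message = 'Write to [email]alice@example.org[/email] or '
         . '[email]x@example.org"><b>marker</b>[/email]';

echo render_email_naive($message), PHP_EOL;
echo render_email_hardened($message), PHP_EOL;
```

In the naive output the marker is rendered as live markup outside the href attribute; in the hardened output the valid address becomes a link and the malformed tag stays visible as encoded text.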
