Rebuild
- <= 4.1.3
A stored cross-site scripting vulnerability has been identified in Rebuild versions through 4.1.3. This issue affects the Comment/Guestbook component, where user-supplied input is not properly sanitized before being displayed. As a result, an attacker can inject malicious JavaScript into comments, which is executed when the comments are viewed by administrators or other users. The vulnerability can be exploited remotely, and an exploit is currently available.
Exploitation of this vulnerability allows for the execution of arbitrary JavaScript in the context of the user viewing the comment, including administrators. This could lead to cookie theft and session hijacking, most seriously of an administrator's session, or other client-side attacks.
To reproduce this vulnerability, register a frontend user account on a Rebuild installation prior to version 4.1.4. After logging in, navigate to the public comment or guestbook section and submit a comment containing a JavaScript payload, such as an SVG tag with an 'onload' event. Once the comment is posted, log out or use a different browser to view the comment as an administrator or another authenticated user. The injected script will execute, demonstrating the cross-site scripting vulnerability.
Users are advised to upgrade to Rebuild version 4.1.4, which addresses this vulnerability.
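The defect described above is a missing output-encoding step when stored comment bodies are rendered. The following is an added JavaScript illustration, not Rebuild's own code (Rebuild is a Java application): it shows the vulnerable render pattern beside the encoded form, and a moderation-side check that flags comment bodies carrying markup or inline event handlers. All names and the sample comments are constructed for the example.

```javascript
// Added example (not Rebuild's code): the render-time defect behind a stored
// XSS in a comment/guestbook view, next to the output-encoding fix and a
// moderation-side triage check. All function names are hypothetical.

// Constructed sample comments, as a server might load them from storage.
const SAMPLE_COMMENTS = [
  { author: 'alice', body: 'Thanks for the help, works great!' },
  // The kind of body the advisory describes: an SVG tag carrying an onload handler.
  { author: 'mallory', body: '<svg onload="alert(1)">hi</svg>' },
];

// Entity-encode the five characters that can change HTML context. '&' is
// replaced first so entities produced by later steps are not double-encoded.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable pattern: the stored body is interpolated into page markup as-is,
// so any tag or event handler it contains becomes live DOM for every viewer,
// including an administrator reading the comment.
function renderCommentUnsafe(c) {
  return `<div class="comment"><b>${c.author}</b>: ${c.body}</div>`;
}

// Fixed pattern: every user-controlled field is encoded for the HTML text
// context it lands in, so the same body is shown as literal text.
function renderCommentSafe(c) {
  return `<div class="comment"><b>${escapeHtml(c.author)}</b>: ${escapeHtml(c.body)}</div>`;
}

// Defender-side heuristic for a moderation queue or log alert: flag bodies
// containing a tag, an inline on*= attribute, or a javascript: URL. This is a
// triage signal only; output encoding is what actually closes the bug.
function looksLikeMarkupInjection(body) {
  return /<\s*[a-z!/]/i.test(body)
    || /\bon[a-z]+\s*=/i.test(body)
    || /javascript\s*:/i.test(body);
}

// Comments that would be routed to review before being shown to anyone.
const FLAGGED = SAMPLE_COMMENTS.filter((c) => looksLikeMarkupInjection(c.body));
```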