Author Topic: Need help to resolve Security Vulnerability in Mibew  (Read 10071 times)

0 Members and 2 Guests are viewing this topic.

Bhawna

  • Jr. Member
  • **
  • Posts: 1
Need help to resolve Security Vulnerability in Mibew
« on: May 21, 2012, 12:10:34 PM »
Hi,

Our security team has found following security related issues in version 1.6.4.

a) Multiple XSS

Mibew messenger version 1.6.4 and below are vulnerable to XSS in the following areas :

-Input passed via the "address" and "threadid" POST parameters to /operator/ban.php is not properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of affected website.


-Input passed via the "geolinkparams" POST parameter to /operator/settings.php is not properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of affected website.


-Input passed via the "title" POST parameter to /operator/settings.php is not properly sanitised before being saved to database.
This input is returned to the Operator user without any check when a new chat window is open.


-Input passed via the "chattitle" POST parameter to /operator/settings.php is not properly sanitised before being saved to database.
This input is returned to the Visitor user without any check when a new chat window is open.


b) Cross Site Request forgery

A vulnerability in Mibew Messenger can be exploited by malicious people to conduct cross-site request forgery attacks.

The application's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change an administrator's password and conduct script insertion attacks by tricking a logged in administrator into visiting a malicious web site.

The vulnerability is confirmed in version 1.6.4. Other versions may also be affected.

Please let us know if these can be closed.

faf

  • Mibew Staff Member
  • Native
  • *****
  • Posts: 951
    • Mibew Messenger
Re: Need help to resolve Security Vulnerability in Mibew
« Reply #1 on: September 06, 2013, 01:52:58 PM »
This vulnerabilities is partly closed in Mibew 1.6.5 and will be completely closed in Mibew 1.6.6 to be released soon.

One could not wait for the official release and update his installation from the legacy branch of our official repository.