MyBB Community Forums
Registration Security Question Plugin - XSS Vulnerability - Printable Version

+- MyBB Community Forums (https://community.mybb.com)
+------ Thread: Registration Security Question Plugin - XSS Vulnerability (/thread-131370.html)



Registration Security Question Plugin - XSS Vulnerability - Xeronations - 2012-12-21

A member told me that there was an XSS vulnerability in this plugin:

http://mods.mybb.com/view/registration-security-question

I highly doubt it, considering the author is a support technician, but is this true?


RE: Registration Security Question Plugin - XSS Vulnerability - Paul H. - 2012-12-21

I don't know how there would be an XSS in that plugin. The user input is never displayed. If you can display HTML in the question, that's not an XSS vulnerability.

Ask him for a proof of concept.
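Paul H.'s distinction above (markup in an admin-written question is not XSS; reflecting the registrant's answer without escaping would be) is easy to see in code. The snippet below is an added illustration written for this thread, not the plugin's or MyBB's own source; the sample question, the sample answer and all function names are constructed.

```php
<?php
// Added illustration, not the plugin's code: why HTML in an admin-configured
// security question is not an XSS vector, while echoing the untrusted answer
// back into the page unescaped would be. All names here are hypothetical.

// Constructed sample: a question the administrator typed into the ACP.
// Only a trusted admin can write this string, so markup in it is a feature.
$adminQuestion = 'What is <b>2 + 2</b>?';
$adminAnswer   = '4';

// Constructed sample of untrusted input submitted on the registration form.
$userAnswer = '<script>alert(1)</script>';

// Safe: show the trusted question and compare the answer server-side.
// The submitted answer is never written into the response, so there is
// nothing for a browser to execute, whatever the registrant typed.
function render_registration_block(string $question, string $userAnswer, string $expected): string
{
    $ok = strcasecmp(trim($expected), trim($userAnswer)) === 0;
    return '<p>' . $question . '</p>'
         . ($ok ? '<p>Correct.</p>' : '<p>Wrong answer, try again.</p>');
}

// Unsafe, shown only for contrast: reflecting the submitted answer verbatim.
// If a plugin ever did this, the registrant's input would become page markup.
function render_answer_unsafe(string $userAnswer): string
{
    return '<p>You answered: ' . $userAnswer . '</p>';
}

// Hardened version of the same output: context-appropriate escaping means
// the answer is rendered as text, so '<script>' appears literally on screen.
function render_answer_safe(string $userAnswer): string
{
    return '<p>You answered: ' . htmlspecialchars($userAnswer, ENT_QUOTES, 'UTF-8') . '</p>';
}

echo render_registration_block($adminQuestion, $userAnswer, $adminAnswer), PHP_EOL;
echo render_answer_safe($userAnswer), PHP_EOL;
```

The check a reviewer would apply to the real plugin is the same one Paul H. implies: trace every place the registrant's submitted answer is used and confirm it is only compared, never concatenated into HTML. A constant string such as `'g33k_'.$codename.'_'` carries no user input at all and so cannot be an injection point.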


RE: Registration Security Question Plugin - XSS Vulnerability - Xeronations - 2012-12-21

http://gyazo.com/67eee063434853a219848054671e774b.png?1356133601

It appears to be because of that.


RE: Registration Security Question Plugin - XSS Vulnerability - Paul H. - 2012-12-22

Line 37:
	$prefix = 'g33k_'.$codename.'_';

No problem there.
He said something similar here about another plugin: http://yaldaram.com/thread-4963-post-22585.html#pid22585

That line is empty.

He's just trying to be a l33t hacker scaring people.


RE: Registration Security Question Plugin - XSS Vulnerability - Xeronations - 2012-12-22

Ah, thanks.

Just wanted to make sure.


RE: Registration Security Question Plugin - XSS Vulnerability - Leefish - 2012-12-22

@ Xeronations - next time you think there might be a vulnerability please report it in Private Inquiries rather than the open forum.


RE: Registration Security Question Plugin - XSS Vulnerability - Dr_The_One - 2015-02-09

(2012-12-22, 12:28 AM)Paul H. Wrote: Line 37:
	$prefix = 'g33k_'.$codename.'_';

No problem there.
He said something similar here about another plugin: http://yaldaram.com/thread-4963-post-22585.html#pid22585

That line is empty.

He's just trying to be a l33t hacker scaring people.

CAN WE REMOVE THAT LINE????
Line 37:
	$prefix = 'g33k_'.$codename.'_';



RE: Registration Security Question Plugin - XSS Vulnerability - Josh H. - 2015-02-16

(2015-02-09, 08:10 AM)Dr_The_One Wrote: CAN WE REMOVE THAT LINE????
Line 37:
	$prefix = 'g33k_'.$codename.'_';

Uhhhh... no. If you do that, you'll break the plugin's ability to function.


RE: Registration Security Question Plugin - XSS Vulnerability - CloudyBright - 2015-03-03

Read: http://community.mybb.com/thread-129189-page-2.html
The updated reg security question file download is the last post.
Update your files with it and make a change or two to your questions, and then the plug-in will work as designed.