security bulletin no.27

DOWNLOAD

FORUMS

BLOGS

FORGE

HELP

MARKETPLACE

You are here > > >

HTML/Script Code Injection Vulnerability

Published: May 19, 2009

Version: 1.0

Maximum Severity Rating: Low

Background

Whilst installing DotNetNuke if an error occurs, as the custom error handling system may not be in place a redirect is performed to an error handling page.

Issue Summary

The error handling page optionally reads back a querystring parameter that may contain additional error information. Whilst this parameter is typically encoded, an invalid tag could be used to bypass the filter, potentially to unencoded content being echoed to the screen and could allow for script or html injection issues.

Mitigating factors

N/A

Affected DotNetNuke versions

4.0 - 4.9.3 inclusive.

Non-Affected Versions:

N/A

Fix(s) for issue

To fix this problem, you are recommended to update to the latest version of DotNetNuke (4.9.4 at time of writing)

Acknowledgments

Ben Hawkes - Lateral Security (www.lateralsecurity.com)

Security Policy

Click here to read more details on the DotNetNuke Security Policy

DotNetNuke Training by Engage Software
Specializing in customized training, architecture and module solutions for large scale implementations lead by DNN Core Team Member Christopher Hammond.
engagesoftware.com

R2i - Your DotNetNuke Solution Partner
R2integrated (R2i), a digital marketing and technology firm, is a nationally recognized DNN expert providing award-winning design, custom module development and consulting services.
www.R2integrated.com/DNN

"SalarO" Skinning Graphic Design Branding Services
SalarO develops packaged & custom skins for your DNN at prices you can afford. SalarO is also developing Module development, Hosting, Branding/Logo design as well as Content Transfer Services to complement the core skinning solutions.
www.salaro.com

DotNetNuke®, DNN®, and the DotNetNuke logo are trademarks of DotNetNuke Corporation