Published: 2002-05-16 00:00:00
Revised: 2016-10-17 22:17:16

[Original text] Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message.



- CVSS (Base Score)

CVSS score: 5 [Medium (MEDIUM)]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (Affected platforms and products)


- OVAL (Technical details for detection)


- Official database links
(Official data source) MITRE
(Official data source) NVD
(Official data source) CNNVD

- Other links and resources
(UNKNOWN)  BUGTRAQ  20020204 [SUPERPETZ ADVISORY #002- Faq-O-Matic Cross-Site Scripting Vulnerability]
(UNKNOWN)  BUGTRAQ  20020205 Faq-O-Matic Cross-Site Scripting

- Vulnerability information

Medium severity  Unknown
2002-05-16 00:00:00 2005-10-20 00:00:00

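- Advisories and patches

        * Modify the code to strictly filter script code from output. If modifying the code is difficult, stop using Faq-O-Matic for the time being.
        The code in the FAQ-O-Matic SourceForge CVS repository has fixed this vulnerability; download it from the following address: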

- Vulnerability information (21263)

Faq-O-Matic 2.6/2.7 Cross-Site Scripting Vulnerability (EDBID:21263)
cgi remote
2002-02-04 Verified
0 superpetz
N/A

FAQ-O-Matic is a freely available, open-source FAQ (Frequently Asked Questions) manager. It is intended to run on Linux and Unix variants.

FAQ-O-Matic does not sufficiently filter script code from URL parameters. It is possible to create a malicious link containing arbitrary script code. When a legitimate user browses the malicious link, the script code will be executed in the user's browser in the context of the website running Faq-O-Matic.

As a result, it may be possible for a remote attacker to steal cookie-based authentication credentials from a legitimate user of the service.


- Vulnerability information

Faq-O-Matic fom.cgi cmd Parameter Error Message XSS
Remote / Network Access Input Manipulation
Loss of Integrity Solution Unknown
Exploit Public Third-party Verified

- Vulnerability description

Faq-O-Matic contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'cmd' variables upon submission to the 'fom.cgi' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

- Timeline

2002-02-04 2002-02-01
2002-02-04 Unknown

- Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- Related references

- Vulnerability author