Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 12 Sep 2016 02:19:33 +0000
From: 陈瑞琦 <>
To: "" <>
Subject: CVE Request: XSS vulns in b2evolution v6.7.5

I have found 2 XSS vulns in b2evolution v 6.7.5

Title: Stored XSS in b2evolution version 6.7.5 amd before
Author: Chen Ruiqi,, @Codesafe Team
Download Site:
Vendor Notified: 2016-08-12
Vendor Contact:
b2evolution is a content and community management system written in PHP and backed by a MySQL database. It is distributed as free software under the GNU General Public License.
b2evolution originally started as a multi-user multi-blog engine when Fran?ois Planque forked b2evolution from version 0.6.1 of b2/cafelog in 2003.[2] A more widely known fork of b2/cafelog is WordPress. b2evolution is available in web host control panels as a "one click install" web app.[3](Wiki)
There is stored XSS in b2evolution version 6.7.5
Any user can post a forum with some evil code in it.
Post a forum with some thing like
[test_forum_xss]("onmouseover="alert(1)"on="1 "test_forum_xss")
Fix code:
There is stored XSS in b2evolution version 6.7.5
An authentic user can inject javascript code in the website header.
Edit the "Short site name" at set_settings with something like
test_short_name_xss" onmouseover=alert(1) on
Fix code:

Could you assign CVE id for those?

Thank you

Chen Ruiqi
Codesafe Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ