Security vulnerabilities!

News from the site
User avatar
Stoker
Site Admin
Site Admin
Posts: 3511
Joined: 12 May 2008, 21:26
BBCodes: 239
Favourite BBCode: Anipro
Favourite MOD: PrettyPhoto
Location: Denmark

Security vulnerabilities!

Post by Stoker » 14 May 2010, 18:40

Security vulnerabilities!

On 02 feb 2010 we found out that bbcodes using {TEXT} inside the html tags was a serious security vulnerability.
Therefore I mass mailed all our members with a link to a post with more explanation.
That post is what you see below.

In the meantime a new token was introduced in 3.0.7, {INTTEXT} which is safe to use inside html tags where this is necessary.
We have also secured all bbcodes on this board, no longer using {TEXT} inside html tags.
So you are not to worry about getting insecure code here. I am just reposting because it is important information and for the fact that this issue is not informed well other places.

Stoker wrote:Hello,

I am very sorry to inform you that we may have been providing insecure code!
The problem is when {TEXT} is used in the html tags.
Just like this:

Code: Select all

<div style="{TEXT1}">{TEXT2}</div>
Instead of using {TEXT} we should use {SIMPLETEXT} or {IDENTIFIER}
Then it would be safe.

Please check all your bbcodes.

Sorry for the inconvenience.
Board rules! No PM support
Sure, I can install the Mod for you ;)
Like the site? Then buy me a bear


User avatar
boardtalk.net
BBCoder II
BBCoder II
Posts: 35
Joined: 05 Mar 2010, 11:55
Favourite MOD: Default Random 'No Avatar
Location: Éire

Re: Security vulnerabilities!

Post by boardtalk.net » 16 May 2010, 11:29

What could happen if the {TEXT} was not taken out?

User avatar
Stoker
Site Admin
Site Admin
Posts: 3511
Joined: 12 May 2008, 21:26
BBCodes: 239
Favourite BBCode: Anipro
Favourite MOD: PrettyPhoto
Location: Denmark

Re: Security vulnerabilities!

Post by Stoker » 16 May 2010, 12:06

It could cause a XSS vulnerability, try google it for more info.
Board rules! No PM support
Sure, I can install the Mod for you ;)
Like the site? Then buy me a bear

User avatar
Fire-Fox
BBCoder IV
BBCoder IV
Posts: 275
Joined: 22 Mar 2010, 11:24
Location: Denmark

Re: Security vulnerabilities!

Post by Fire-Fox » 16 May 2010, 12:23

So

Code: Select all

<code><font color="#3a9790">{TEXT}</font></code>
should be

Code: Select all

<code><font color="#3a9790">{INTTEXT}</font></code>
then it safe?

User avatar
Stoker
Site Admin
Site Admin
Posts: 3511
Joined: 12 May 2008, 21:26
BBCodes: 239
Favourite BBCode: Anipro
Favourite MOD: PrettyPhoto
Location: Denmark

Re: Security vulnerabilities!

Post by Stoker » 16 May 2010, 12:29

No, thats not the case. Only when TEXT is used inside the html tag.
You can see an example in the Submit a bbcode forum rules which you aff course allready have read since you have submitted a bbcode ;)
Board rules! No PM support
Sure, I can install the Mod for you ;)
Like the site? Then buy me a bear


User avatar
boardtalk.net
BBCoder II
BBCoder II
Posts: 35
Joined: 05 Mar 2010, 11:55
Favourite MOD: Default Random 'No Avatar
Location: Éire

Re: Security vulnerabilities!

Post by boardtalk.net » 16 May 2010, 12:36

Stoker » 16 May 2010, 14:06 wrote:It could cause a XSS vulnerability, try google it for more info.
Thanks, just googled it... all I have to say is... ouch.

User avatar
Nully
Donator
Donator
Posts: 258
Joined: 14 Mar 2010, 22:03
BBCodes: 10
Favourite MOD: Radios
Location: France > Bulgaria

Re: Security vulnerabilities!

Post by Nully » 20 May 2010, 20:11

Hello,
do you mean, for example in the Youtube BBcode :

Code: Select all

src="http://www.youtube.com/v/{TEXT}"
we have to replace TEXT by INTTEXT ?

And here in the think BBcode :

Code: Select all

<table border="0" cellpadding="0" cellspacing="0"><tr><td style="margin: 0;padding: 0;border: 0;"><div style=" background-color: #ffffff;color: #000000; -moz-border-radius: 16px; -webkit-border-radius: 16px; border: 1px solid #000000; padding: 4px;font-size: 1em;" >&nbsp; {TEXT} &nbsp;</div><img src="images/stoker.gif"></td></tr></table>

User avatar
Stoker
Site Admin
Site Admin
Posts: 3511
Joined: 12 May 2008, 21:26
BBCodes: 239
Favourite BBCode: Anipro
Favourite MOD: PrettyPhoto
Location: Denmark

Re: Security vulnerabilities!

Post by Stoker » 20 May 2010, 20:34

yes and no :)
Board rules! No PM support
Sure, I can install the Mod for you ;)
Like the site? Then buy me a bear

User avatar
Nully
Donator
Donator
Posts: 258
Joined: 14 Mar 2010, 22:03
BBCodes: 10
Favourite MOD: Radios
Location: France > Bulgaria

Re: Security vulnerabilities!

Post by Nully » 20 May 2010, 20:52

Yes for the 1st and no for the 2nd ?
Please...tell me :D

cisco007
BBCoder VI
BBCoder VI
Posts: 1015
Joined: 16 Mar 2010, 16:14
Location: Don't really know!

Re: Security vulnerabilities!

Post by cisco007 » 20 May 2010, 22:00

that is correct! what you asked for the youtube bbcode that is correct, for the think bbcode it is correct the way it is! since the {TEXT} is actually outside the html tags, it is actually in between the <div> so that is fine!