VideoDB "error" Cross-Site Scripting Vulnerability

Secunia ID	SA38513
Release Date	09 Feb 2010
Criticality	Less Critical Typically used for cross-site scripting vulnerabilities and privilege escalation vulnerabilities. This rating is also used for vulnerabilities allowing exposure of sensitive data to local users.
Solution Status	Unpatched
Software	VideoDB 3.x
Where	From remote "From remote" describes other vulnerabilities where the attack vector doesn't require access to the system or a local network. This category covers services that are acceptable to expose to the Internet (e.g. HTTP, HTTPS, SMTP). It also covers client applications used on the Internet and certain vulnerabilities where it is reasonable to assume that a security conscious user can be tricked into performing certain actions.
Impact	Cross-Site Scripting Cross-Site Scripting vulnerabilities allow a third party to manipulate the content or behaviour of a web application in a user's browser, without compromising the underlying system. Different Cross-Site Scripting related vulnerabilities are also classified under this category, including "script insertion" and "cross-site request forgery". Cross-Site Scripting vulnerabilities are often used against specific users of a website to steal their credentials or to conduct spoofing attacks.
Description	A vulnerability has been discovered in VideoDB, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "error" parameter in login.php (when "VDBusername" and "VDBpassword" cookies are not set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.0.3. Other versions may also be affected.
Solution	Edit the source code to ensure that input is properly sanitised.
Reported by	vr