CVE-2009-1880

Vulnerability

REP-BBS from MT312, a web log system supporting posting and viewing web logs from mobile phones, contains a cross-site scripting (XSS) vulnerability in the files model.php and config.php. Versions of REP-BBS (repbbs.lzh) that contain these files with a timestamp prior to May 21, 2009 are affected [1][2].

Exploitation

An attacker can inject arbitrary web script or HTML via unspecified vectors related to model.php and config.php. The vulnerability can be exploited remotely without authentication, but requires medium attack complexity [2]. The attacker needs to trick a user into interacting with a crafted link or content that triggers the script execution in the user's browser.

Impact

Successful exploitation allows an attacker to execute arbitrary script in the user's web browser within the security context of the vulnerable site. This can lead to information disclosure, session hijacking, or other client-side attacks. The integrity impact is partial, while confidentiality and availability are not affected [2].

Mitigation

The solution is to update the software to the latest version available at MT312 (repbbs.lzh) [1][2]. No workarounds are mentioned in the references.