TYPO3-20051107-1: chc_forum

A bug has been discovered in the "CHC Forum" (chc_forum) extension where some JavaScript expressions are not properly caught when entered in forms. As a result, specially crafted entries may be used to inject malicious code.

Component Type: Third Party Extension. This extension is third party code that has not been submitted to the TYPO3 extension review process yet. The extension is not part of TYPO3 default installations.

Affected Components: chc_forum

Versions: 1.4.1 and earlier

Vulnerability Type: Cross Site Scripting

Severity: Medium

Problem Description:
A bug has been discovered in the "CHC Forum" (chc_forum) extension where some JavaScript expressions are not properly caught when entered in forms. As a result, specially crafted entries may be used to inject malicious code.

Solution:

An updated version (1.4.2) of chc_forum can be found on typo3.org/extensions/repository/list/chc_forum/ or via the Extension Manager. All users of this extension are advised to update immediately.

Credits:
Thanks to Zach Davis (author of chc_forum) for notifying us and for providing a fixed version.