PenTest Limited www.pentest-limited.com Security Advisory XSS bug in Betsie Announcement date: 1st July 2002 Reference: ptl-2002-03 Advisory Details ---------------- Product: Betsie Vulnerable versions: 1.5.11 and all versions before Vulnerability Type : Input Validation Error Platforms: All Vendor-URL: http://www.bbc.co.uk/education/betsie/ Vendor-Status: informed, new version available Remote-Exploit: Yes Overview -------- A Cross-site Scripting vulnerability exists in the Betsie application. The developer has been notified and a fixed version has been released. Description ------------ Betsie stands for BBC Education Text to Speech Internet Enhancer, and is a simple Perl script which is intended to alleviate some of the problems experienced by people using text to speech systems for web browsing. The Betsie perl script does not adequately validate and filter URL input making it vulnerable to Cross-site Scripting attacks. Cross-site Scripting example: http://server/cgi-bin/betsie/parserl.pl/