Exponent CMS 2.3.5- Multiple Cross-Site Scripting Vulnerability
Reported by Sachin Wagh | December 25th, 2015 @ 08:53 PM | in 2.3.7 (closed)
Information
Vulnerability Type : Exponent CMS 2.3.5 - Multiple Cross-Site
Scripting Vulnerability
Vulnerable Version : 2.3.5
CVE-ID :
Severity: High
Author – Sachin Wagh (@tiger_tigerboy)
Description
Exponent CMS is prone to a multiple cross-site scripting vulnerability because it fails to sanitize user-supplied input.
Affected parameters and URL's are mentioned below.
1.http://localhost/exponent-2.3.5/navigation/edit_contentpage/id/1#...
Parameter:
sef_name
canonical
page_title
2.http://localhost/exponent-2.3.5/users/edituser/id/1
Parameter:
firstname
3.http://localhost/exponent-2.3.5/users/manage_groups
Parameter:
name
description
Credits & Authors
Sachin Wagh (@tiger_tigerboy)
Comments and changes to this ticket
-
-
dleffler December 26th, 2015 @ 06:05 AM
- Tag set to “security”
- Assigned user changed from “expNinja” to “dleffler”
This issue may have been resolved with the fix to #1320 CVE-2015-8667 which was included in the v2.3.6 release today. Additional testing will need to be performed on v2.3.6 to see if this issue still exists.
-
Sachin Wagh December 26th, 2015 @ 06:43 AM
Thanks dleffer.
Just want to confirm for Parameter Tampering and Cross-Site Scripting assigned same CVE-ID.
Is it correct. Please let me know if its same one or different CVE for both type of issues.So I can go ahead and write advisory/blog.
Thanks again.
-
dleffler December 26th, 2015 @ 06:28 PM
- State changed from “new” to “resolved”
1, 2 & 3 were all fixed by security fix in v2.3.6
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Bug Tracker for Exponent CMS
dleffler
expNinja