#1355 Exponent CMS 2.3.7 - SWF File Upload Cross Site Scripting Vulnerability - Exponent CMS

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

#1355 new

Exponent CMS 2.3.7 - SWF File Upload Cross Site Scripting Vulnerability

Reported by Sachin Wagh | February 25th, 2016 @ 07:36 AM

Information

Vulnerability Type : Exponent CMS 2.3.7 -File Upload Cross Site Scripting Vulnerability
Vulnerable Version : 2.3.7
CVE-ID :
Severity: High
Author – Sachin Wagh (@tiger_tigerboy)

Description

Exponent CMS is prone to a swf file upload cross site Scripting vulnerability because it fails to sanitize user-supplied input.

Please find attached POC for more detail.

http://localhost/exponent-2.3.7/files/xssproject.swf?js=alert%28%27...;

Reference :

https://www.owasp.org/index.php/Testing_for_Cross_site_flashing_%28...

Credits & Authors

Sachin Wagh (@tiger_tigerboy)

SWF_XSS.avi 672.9 KB

Comments and changes to this ticket

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.