Full Disclosure mailing list archives
Symphony 2.6.3 – Multiple Persistent Cross-Site Scripting Vulnerabilities
From: CSW Research Lab <disclose () cybersecurityworks com>
Date: Sat, 12 Dec 2015 20:25:10 +0530
================================================================ Symphony 2.6.3 – Multiple Persistent Cross-Site Scripting Vulnerabilities ================================================================ Information ********************** Vulnerability Type : Multiple Persistent Cross Site Scripting Vulnerabilities Vulnerable Version : 2.6.3 Severity: Medium Author – Arjun Basnet CVE-ID: N/A Homepage: *http://www.getsymphony.com/ <http://www.getsymphony.com/> * Description *********************** Bedita is prone to Multiple persistent cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user of the affected site. Proof of Concept URL *************************** [+] http://localhost/symphony/symphony/system/preferences/success/ Affected Area ***************** [+] http://localhost/symphony/symphony/system/preferences/ Payload ======================= "><script>alert(1);</script> Advisory Information: ================================================ Symphony CMS XSS Vulnerability Severity Level: ========================================================= High Description: ========================================================== Vulnerable Product ************************* [+] Symphony 2.6.3 Vulnerable Parameter(s) ****************************** email_sendmail[from_name] email_sendmail[from_address] email_smtp[from_name] email_smtp[from_address] email_smtp[host] email_smtp[port] it_image_manipulation[trusted_external_sites] maintenance_mode[ip_whitelist] Advisory Timeline ************************ 03-Nov-2015- Reported 05-Nov-2015- Vendor Response 10-Dec-2015- Vendor Released Fixed version 12-Dec-2015- Public disclosed Fixed Version: ***************** [+] Symphony 2.6.4 (http://www.getsymphony.com/download/) Reference ***************** [+] https://www.owasp.org/index.php/Cross-site_Scripting_(XSS) Credits & Authors ************************ Arjun Basnet from Cyber Security Works Pvt. Ltd. ( http://cybersecurityworks.com) -- ---------- Cheers !!! Team CSW Research Lab <http://www.cybersecurityworks.com> _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Symphony 2.6.3 – Multiple Persistent Cross-Site Scripting Vulnerabilities CSW Research Lab (Dec 13)