Re: CVE Request -- CMS BEdita v. 3.4.0 -- Multiple stored XSS vulnerabilities

[cve-assign () mitre org]

> I found multiple stored XSS vulnerabilities in the administrative backend
> of CMS BEdita v.3.4.0 (release-date: 9th-May-2014).
>
> The vulnerabilities can be found in the following paths of a common BEdita
> installation:
>
> http://{TARGET}/index.php/home/profile (in form with id ???editProfile???  via
> input field with id ???lrealname")
>
> http://{TARGET}/index.php/ (in form with id ???addQuickItem??? via input field
> with name "data[title]" and name "data[description]")
>
> http://{TARGET}/index.php/areas (in form with id ???saveNote??? via input field
> with id ???note text")
>
> http://{TARGET}/index.php/documents/view (in form with id ???updateForm??? via
> input field with id ???titleBEObject??? and input field with id ???tagsArea???)
>
> The vulnerabilities can be exploited by using arbitray HTML- and/or
> JavaScriptcode, e.g. <script>alert(document.cookie)</script>.
>
> Could you please assign a CVE-ID for it?
>
> Thank you. Greetings.
>
> Steffen R??semann
>
> References:
>
> [1] http://www.bedita.com
> [2] http://sroesemann.blogspot.de/2014/12/sroeadv-2014-10.html
> [3] https://github.com/bedita/bedita/issues/566
> [4] http://seclists.org/fulldisclosure/2015/Jan/16

Use CVE-2015-1040.

---

CVE assignment team, MITRE CVE Numbering Authority M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]