oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request -- CMS Kajona v. 4.6 -- Reflecting XSS in administrative backend

From: Steffen Rösemann <steffen.roesemann1986 () gmail com>
Date: Tue, 6 Jan 2015 22:57:13 +0100
Hi Josh, Steve, vendors, list.

I found a reflecting XSS vulnerability in the administrative backend of CMS
Kajona v. 4.6.

It is possible for an attacker to append aribtrary HTML and/or
JavaScript-Code to the "action" parameter used in index.php.

Exploit-Example:

http://
{TARGET}/index.php?admin=1&module=right&action=change%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%3C!--&changemodule=dashboard

Could you assign a CVE-ID for it?

Thank you!

Greetings

Steffen Rösemann

References:

[1] http://sroesemann.blogspot.de/2015/01/sroeadv-2015-01.html
[2]
http://sroesemann.blogspot.de/2015/01/report-for-advisory-sroeadv-2015-01.html
[3]
https://www.kajona.de/de/News/newsdetails.Security-update-to-module-system.newsDetail.22ac42054aa88a07826c.html
[4] ttps://
github.com/kajona/kajonacms/commit/563d39c327606232e480602f7b36ea6cb31bc6f7
[5] http://seclists.org/fulldisclosure/2015/Jan/11
Previous By Date Next
Previous By Thread Next

Current thread: