oss-sec mailing list archives

Symphony CMS 2.6.3 - Multiple Reflected Cross-site Scripting Vulnerability

From: CSW Research Lab <disclose () cybersecurityworks com>
Date: Tue, 22 Dec 2015 10:49:39 +0000

Hi all

can you please assign CVE for this issue ?

Description
***************
Symphony CMS 2.6.3 is prone to Cross-site scripting vulnerability because
it fails to sanitize user-supplied input in default email settings.An
attacker may leverage this issue to execute arbitrary script code in the
browser of an unsuspecting user of the affected site.


Proof of Concept URL
***************************
[+] http://192.168.56.101/symphony/symphony/system/preferences/

Vulnerable Parameter
**************************
[+] email_sendmail[from_name]
[+] email_sendmail[from_address]
[+] email_smtp[from_name]
[+] email_smtp[from_address]
[+] email_smtp[host]
[+] email_smtp[port]
[+] it_image_manipulation[trusted_external_sites]
[+] maintenance_mode[ip_whitelist]

Current thread:

Symphony CMS 2.6.3 - Multiple Reflected Cross-site Scripting Vulnerability CSW Research Lab (Dec 22)