0day.today - Größte Exploit-Datenbank der Welt.
![](/img/logo_green.jpg)
Wir benutzen eine Hauptdomain DOMAIN_LINK
Wenn Du den Exploit kaufen, oder für einen Service bezahlen möchtest, musst Du Gold kaufen. Wir wollen nicht, dass Du unsere Seite als ein Werkzeug für Aktivitäten wie Hacking verwendest. Illegale Aktionen, die andere Benutzer oder Webseiten betreffen, für die Du keine Zugriffsrechte hast, führen dazu, dass der Account gebannt und alle Daten von diesem unwiderruflich gelöscht werden.
Die Administratoren dieser Seite benutzen nur die offiziellen Kontaktdaten. Achte auf Betrüger!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Lies [ Vereinbarung ]
- Lies [ Senden ] Regeln
- Besuche [ FAQ ] page
- [ Registrieren ] Profil
- Bekommen [ GOLD ]
- Wenn Du möchtest [ Verkaufen ]
- Wenn Du möchtest [ Kaufen ]
- Wenn Du vergessen hast [ Account ]
- Fragen [ [email protected] ]
- Anmeldungsseite
- Registrierungsseite
- Seite für Accountwiederherstellung
- FAQ Seite
- Kontakt
- Regeln für Veröffentlichungen
- Vereinbarungsseite
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Composr CMS 10.0.30 - Persistent Cross-Site Scripting Vulnerability
Autor
Risiko
![](/img/risk/critlow_3.gif)
Security Risk High
]0day-ID
Kategorie
Datum hinzufügen
Betriebssystem
# Title: Composr CMS 10.0.30 - Persistent Cross-Site Scripting # Author: Manuel Garcia Cardenas # Vendor: https://compo.sr/ # CVE: N/A ============================================= MGC ALERT 2020-001 - Original release date: February 06, 2020 - Last revised: May 21, 2020 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 (CVSS Base Score) - CVE-ID: CVE-2020-8789 ============================================= I. VULNERABILITY ------------------------- Composr CMS 10.0.30 - (Authenticated) Cross-Site Scripting II. BACKGROUND ------------------------- Composr CMS (or Composr) is a web application for creating websites. It is a combination of a Web content management system and Online community (Social Networking) software. Composr is licensed as free software and primarily written in the PHP programming language. III. DESCRIPTION ------------------------- Has been detected a Persistent XSS vulnerability in Composr CMS, that allows the execution of arbitrary HTML/script code to be executed in the context of the victim user's browser. IV. PROOF OF CONCEPT ------------------------- Go to: Security -> Usergroups -> Edit Usergroup Select one Usergroup (for example Guest) and edit the Name (parameter name) for example with Guests"><script>alert(1)</script> The variable "name" it is not sanitized, later, if some user visit the "Zone editor" area, the XSS is executed, in the response you can view: <input type="hidden" name="label_for__access_1" value="Access for Guests"><script>alert(1)</script>" /> V. BUSINESS IMPACT ------------------------- An attacker can execute arbitrary HTML or Javascript code in a targeted user's browser, this can leverage to steal sensitive information as user credentials, personal data, etc. VI. SYSTEMS AFFECTED ------------------------- Composr CMS <= 10.0.30 VII. SOLUTION ------------------------- Disable until a fix is available. VIII. REFERENCES ------------------------- https://compo.sr/ IX. CREDITS ------------------------- This vulnerability has been discovered and reported by Manuel Garcia Cardenas (advidsec (at) gmail (dot) com). X. REVISION HISTORY ------------------------- February 06, 2020 1: Initial release May 21, 2020 2: Last revision XI. DISCLOSURE TIMELINE ------------------------- February 06, 2020 1: Vulnerability acquired by Manuel Garcia Cardenas February 06, 2020 2: Send to vendor April 06, 2020 3: New request, vendor doesn't answer. May 21, 2020 4: Sent to lists XII. LEGAL NOTICES ------------------------- The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. XIII. ABOUT ------------------------- Manuel Garcia Cardenas Pentester # 0day.today [2024-06-30] #