0day.today - Największa Baza Exploitów na Świecie.
![](/img/logo_green.jpg)
- Korzystamy z jednej głównej domeny: http://0day.today
- Większość materiałów jest kompletnie DARMOWA
- Jeżeli chcesz kupić exploita / zdobyć dostęp V.I.P lub zapłacić za którąś z usług,
musisz zakupić lub zdobyćGOLD
Administracja tej strony używa oficjalnej strony kontaktowej. Uważaj na oszustów!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Przeczytaj [ ugoda ]
- Przeczytaj [ Wyślij ] zasady
- Odwiedź [ faq ] strona
- [ Zarejestruj ] profil
- Zdobądź [ GOLD ]
- Jeżeli chcesz [ sprzedaj ]
- Jeżeli chcesz [ kup ]
- Jeżeli stracisz [ Konto ]
- Jakiekolwiek pytania [ [email protected] ]
- Strona autoryzacyjna
- Strona rejestracyjna
- Odzyskiwanie konta
- Strona FAQ
- Strona kontaktowa
- Zasady publikowania
- Strona
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Możesz się z nami skonaktować przez:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Composr CMS 10.0.30 - Persistent Cross-Site Scripting Vulnerability
Autor
Ryzyko
![](/img/risk/critlow_3.gif)
Wysokie Zagrożenie Bezpieczeństwa
]0day-ID
Kategoria
Data dodania
Platforma
# Title: Composr CMS 10.0.30 - Persistent Cross-Site Scripting # Author: Manuel Garcia Cardenas # Vendor: https://compo.sr/ # CVE: N/A ============================================= MGC ALERT 2020-001 - Original release date: February 06, 2020 - Last revised: May 21, 2020 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 (CVSS Base Score) - CVE-ID: CVE-2020-8789 ============================================= I. VULNERABILITY ------------------------- Composr CMS 10.0.30 - (Authenticated) Cross-Site Scripting II. BACKGROUND ------------------------- Composr CMS (or Composr) is a web application for creating websites. It is a combination of a Web content management system and Online community (Social Networking) software. Composr is licensed as free software and primarily written in the PHP programming language. III. DESCRIPTION ------------------------- Has been detected a Persistent XSS vulnerability in Composr CMS, that allows the execution of arbitrary HTML/script code to be executed in the context of the victim user's browser. IV. PROOF OF CONCEPT ------------------------- Go to: Security -> Usergroups -> Edit Usergroup Select one Usergroup (for example Guest) and edit the Name (parameter name) for example with Guests"><script>alert(1)</script> The variable "name" it is not sanitized, later, if some user visit the "Zone editor" area, the XSS is executed, in the response you can view: <input type="hidden" name="label_for__access_1" value="Access for Guests"><script>alert(1)</script>" /> V. BUSINESS IMPACT ------------------------- An attacker can execute arbitrary HTML or Javascript code in a targeted user's browser, this can leverage to steal sensitive information as user credentials, personal data, etc. VI. SYSTEMS AFFECTED ------------------------- Composr CMS <= 10.0.30 VII. SOLUTION ------------------------- Disable until a fix is available. VIII. REFERENCES ------------------------- https://compo.sr/ IX. CREDITS ------------------------- This vulnerability has been discovered and reported by Manuel Garcia Cardenas (advidsec (at) gmail (dot) com). X. REVISION HISTORY ------------------------- February 06, 2020 1: Initial release May 21, 2020 2: Last revision XI. DISCLOSURE TIMELINE ------------------------- February 06, 2020 1: Vulnerability acquired by Manuel Garcia Cardenas February 06, 2020 2: Send to vendor April 06, 2020 3: New request, vendor doesn't answer. May 21, 2020 4: Sent to lists XII. LEGAL NOTICES ------------------------- The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. XIII. ABOUT ------------------------- Manuel Garcia Cardenas Pentester # 0day.today [2024-06-30] #