ID CVE-2017-11744 Type cve Reporter NVD Modified 2017-08-02T09:37:16
Description
In MODX Revolution 2.5.7, the "key" and "name" parameters in the System Settings module are vulnerable to XSS. A malicious payload sent to connectors/index.php will be triggered by every user, when they visit this module.
{"href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11744", "history": [{"lastseen": "2017-07-31T10:33:25", "differentElements": ["cvss", "modified", "cpe"], "edition": 1, "bulletin": {"href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11744", "history": [], "id": "CVE-2017-11744", "published": "2017-07-30T11:29:00", "description": "In MODX Revolution 2.5.7, the \"key\" and \"name\" parameters in the System Settings module are vulnerable to XSS. A malicious payload sent to connectors/index.php will be triggered by every user, when they visit this module.", "bulletinFamily": "NVD", "title": "CVE-2017-11744", "type": "cve", "cpe": [], "assessment": {"href": "", "name": "", "system": ""}, "scanner": [], "cvss": {"score": 0.0, "vector": "NONE"}, "hashmap": [{"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "references", "hash": "745f62984a68720e7caefcd687fce040"}, {"key": "cvelist", "hash": "d8489570bfd97c76521297ac84313e1a"}, {"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "href", "hash": "edd33a4222ea80e7090c599272647f34"}, {"key": "published", "hash": "a2b96ec6bada8b5da632a4fae03b2eb7"}, {"key": "modified", "hash": "a2b96ec6bada8b5da632a4fae03b2eb7"}, {"key": "description", "hash": "1d936bbfbdd1b53dbcd89291ab583a76"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "title", "hash": "c314a5e3ae4b9b4d6fcf49cf75862f5a"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}], "hash": "4af508b5220b951a7e6f5b1527063673344cf214d00469ade491d33543be4b3a", "references": ["https://github.com/modxcms/revolution/issues/13564"], "edition": 1, "cvelist": ["CVE-2017-11744"], "lastseen": "2017-07-31T10:33:25", "viewCount": 0, "enchantments": {}, "reporter": "NVD", "objectVersion": "1.3", "modified": "2017-07-30T11:29:00"}}], "assessment": {"href": "", "name": "", "system": ""}, "id": "CVE-2017-11744", "reporter": "NVD", "published": "2017-07-30T11:29:00", "description": "In MODX Revolution 2.5.7, the \"key\" and \"name\" parameters in the System Settings module are vulnerable to XSS. A malicious payload sent to connectors/index.php will be triggered by every user, when they visit this module.", "title": "CVE-2017-11744", "cpe": ["cpe:/a:modx:modx_revolution:2.5.7"], "bulletinFamily": "NVD", "type": "cve", "scanner": [], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "hash": "5be39162827acddd1d5645ff89dc283e7248077eae339ce26b344b007c2af93c", "references": ["https://github.com/modxcms/revolution/issues/13564"], "edition": 2, "cvelist": ["CVE-2017-11744"], "lastseen": "2017-08-03T10:33:09", "viewCount": 8, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "cf495f67cda04e916f4f4bc9c08b607d"}, {"key": "cvelist", "hash": "d8489570bfd97c76521297ac84313e1a"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "description", "hash": "1d936bbfbdd1b53dbcd89291ab583a76"}, {"key": "href", "hash": "edd33a4222ea80e7090c599272647f34"}, {"key": "modified", "hash": "0dc1aa30ffa82df7dee744d952104c29"}, {"key": "published", "hash": "a2b96ec6bada8b5da632a4fae03b2eb7"}, {"key": "references", "hash": "745f62984a68720e7caefcd687fce040"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "c314a5e3ae4b9b4d6fcf49cf75862f5a"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "objectVersion": "1.3", "modified": "2017-08-02T09:37:16"}
{"openvas": [{"lastseen": "2018-10-26T14:36:16", "references": ["https://github.com/modxcms/revolution/blob/2.x/core/docs/changelog.txt#L81", "https://github.com/modxcms/revolution/issues/13564"], "pluginID": "1361412562310140286", "description": "MODX Revolution CMS is prone to a cross-site scripting vulnerability.", "edition": 12, "reporter": "This script is Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-08-08T00:00:00", "title": "MODX Revolution CMS XSS Vulnerability", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "naslFamily": "Web application abuses", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-11744"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310140286", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310140286", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_modx_cms_xss_vuln.nasl 12106 2018-10-26 06:33:36Z cfischer $\n#\n# MODX Revolution CMS XSS Vulnerability\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:modx:revolution';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.140286\");\n script_version(\"$Revision: 12106 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 08:33:36 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-08 15:39:24 +0700 (Tue, 08 Aug 2017)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2017-11744\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_name(\"MODX Revolution CMS XSS Vulnerability\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_modx_cms_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"modx_cms/installed\");\n\n script_tag(name:\"summary\", value:\"MODX Revolution CMS is prone to a cross-site scripting vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In MODX Revolution, the 'key' and 'name' parameters in the System Settings\nmodule are vulnerable to XSS. A malicious payload sent to connectors/index.php will be triggered by every user,\nwhen they visit this module.\");\n\n script_tag(name:\"affected\", value:\"MODX Revolution prior version 2.6.4.\");\n script_tag(name:\"solution\", value:\"Upgrade to the latest version.\");\n\n script_xref(name:\"URL\", value:\"https://github.com/modxcms/revolution/issues/13564\");\n script_xref(name:\"URL\", value:\"https://github.com/modxcms/revolution/blob/2.x/core/docs/changelog.txt#L81\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_is_less(version: version, test_version: \"2.6.4\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"2.6.4\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}
