ID CVE-2018-11690 Type cve Reporter cve@mitre.org Modified 2019-03-14T17:02:00
Description
The Balbooa Gridbox extension version 2.4.0 and previous versions for Joomla! is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
{"id": "CVE-2018-11690", "bulletinFamily": "NVD", "title": "CVE-2018-11690", "description": "The Balbooa Gridbox extension version 2.4.0 and previous versions for Joomla! is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.", "published": "2018-06-14T20:29:00", "modified": "2019-03-14T17:02:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11690", "reporter": "cve@mitre.org", "references": ["http://www.securityfocus.com/archive/1/542066/100/0/threaded", "https://vel.joomla.org/resolved/2155-gridbox-com-gridbox-multiple-vulnerabilities", "http://packetstormsecurity.com/files/148127/Joomla-2.4.0-Gridbox-Cross-Site-Scripting.html", "http://seclists.org/fulldisclosure/2018/Jun/26", "https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11690"], "cvelist": ["CVE-2018-11690"], "type": "cve", "lastseen": "2020-12-09T20:25:32", "edition": 5, "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "packetstorm", "idList": ["PACKETSTORM:148127"]}], "modified": "2020-12-09T20:25:32", "rev": 2}, "score": {"value": 4.0, "vector": "NONE", "modified": "2020-12-09T20:25:32", "rev": 2}, "vulnersScore": 4.0}, "cpe": ["cpe:/a:balbooa:gridbox:2.4.0"], "affectedSoftware": [{"cpeName": "balbooa:gridbox", "name": "balbooa gridbox", "operator": "le", "version": "2.4.0"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "cpe23": ["cpe:2.3:a:balbooa:gridbox:2.4.0:*:*:*:*:joomla\\!:*:*"], "cwe": ["CWE-79"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:balbooa:gridbox:2.4.0:*:*:*:*:joomla\\!:*:*", "versionEndIncluding": "2.4.0", "vulnerable": true}], "operator": "OR"}]}}
{"packetstorm": [{"lastseen": "2018-06-13T06:21:03", "description": "", "published": "2018-06-08T00:00:00", "type": "packetstorm", "title": "Joomla 2.4.0 Gridbox Cross Site Scripting", "bulletinFamily": "exploit", "cvelist": ["CVE-2018-11690"], "modified": "2018-06-08T00:00:00", "id": "PACKETSTORM:148127", "href": "https://packetstormsecurity.com/files/148127/Joomla-2.4.0-Gridbox-Cross-Site-Scripting.html", "sourceData": "`I. VULNERABILITY \n------------------------- \nGridbox extension for Joomla! <= 2.4.0 Reflected Cross Site Scripting (XSS) \n \nII. CVE REFERENCE \n------------------------- \nCVE-2018-11690 \n \nIII. VENDOR \n------------------------- \nhttps://extensions.joomla.org/extension/gridbox/ \n \nIV. REFERENCES \n------------------------- \nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11690 \nhttps://vel.joomla.org/resolved/2155-gridbox-com-gridbox-multiple-vulnerabilities \n \nV. TIMELINE \n------------------------- \n02/04/2018 Vulnerability discovered \n09/04/2018 Vendor contacted \n23/04/2018 Vulnerability fixed \n \nVI. CREDIT \n------------------------- \nYavuz Atlas of Biznet Bilisim \nhttp://www.biznet.com.tr/biznet-guvenlik-duyurulari \n \nVII. DESCRIPTION \n------------------------- \nBalbooa Gridbox extension version 2.4.0 and previous versions for \nJoomla! is vulnerable to cross-site scripting. A remote attacker could \nexploit this vulnerability via a crafted URL to execute script in a \nvictim's Web browser within the security context of the hosting Web \nsite, once the URL is clicked. An attacker could use this \nvulnerability to steal the victim's cookie-based authentication \ncredentials \n \nVIII. PROOF OF CONCEPT \n------------------------- \nFor category parameter: \nhttp://localhost:81/bg/Joomla_3.8.5-Stable-Full_Package/index.php?option=com_gridbox&view=pages&app=aaa&category=<script>alert(1)</script> \n \nFor app parameter: \nhttp://localhost:81/bg/Joomla_3.8.5-Stable-Full_Package/index.php?option=com_gridbox&view=pages&app=<script>alert(1)</script>&category=aaa \n`\n", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://packetstormsecurity.com/files/download/148127/joomlabridgebox-xss.txt"}]}
