0xB9EDB-ID:44546October CMS User Plugin 1.4.5 - Persistent Cross-Site Scripting
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.4%
# Exploit Title: October CMS User Plugin v1.4.5 - Persistent Cross-Site Scripting
# Date: 2018-04-03
# Author: 0xB9
# Software Link: https://octobercms.com/plugin/rainlab-user
# Version: 1.4.5
# Tested on: Ubuntu 17.10
# CVE: CVE-2018-10366
#1. Description:
Front-end user management for October CMS. Allows visitors to create a website.
#2. Proof of Concept:
Persistent XSS
- Go to the account page localhost/OctoberCMS/account/
- Register & enter the following for your full name <p """><SCRIPT>alert("XSS")</SCRIPT>">
- You will be alerted everytime you visit the account page localhost/OctoberCMS/account/
#3. Solution:
Update to 1.4.6Related
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.4%