Cross-site Scripting (XSS) Vulnerability in Nuggetz CMS

ID HTB22400
Type htbridge
Reporter High-Tech Bridge
Modified 2010-05-26T00:00:00


High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Nuggetz CMS which could be exploited to perform cross-site scripting attacks.

1) Cross-site scripting (XSS) vulnerability in Nuggetz CMS
The vulnerability exists due to an input sanitization error in the "pagevalue" parameter in nuggetz/admin/ajaxsave.php. A remote attacker can send a specially crafted HTTP POST request to the vulnerable script and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website. Successful exploitation requires that the victim is logged in to the application and has access to the administrative section.
Exploitation example:
<form action=" lass&dummy=1" method="post" name="main" >
<input name="pagevalue" type="hidden" value='page content"><script>alert(document.cookie)</script>' />
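Mitigation sketch (an added example, not code from Nuggetz CMS or from this advisory): the unencoded output pattern beside a hardened form, plus a token check that stops a form hosted on another site from driving the POST endpoint. It assumes the "pagevalue" value is echoed into an HTML attribute, as the `">` breakout in the payload suggests; the function names and the `csrf_token` key are hypothetical.

```php
<?php
// Added example, not Nuggetz CMS code. Function names and the 'csrf_token'
// session/POST key are hypothetical.
declare(strict_types=1);

// Vulnerable pattern: the POSTed value is placed into an attribute unencoded.
function render_unsafe(string $pagevalue): string
{
    return '<input name="pagevalue" type="hidden" value="' . $pagevalue . '" />';
}

// Hardened pattern: encode for the HTML attribute context before output.
function render_safe(string $pagevalue): string
{
    $encoded = htmlspecialchars($pagevalue, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input name="pagevalue" type="hidden" value="' . $encoded . '" />';
}

// Reject requests that do not carry the per-session token, so a form hosted
// on another site cannot submit to the save endpoint with the admin's cookies.
function csrf_ok(array $session, array $post): bool
{
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    return is_string($expected) && is_string($supplied)
        && $expected !== '' && hash_equals($expected, $supplied);
}

// Constructed inputs: the pagevalue string is the one shown in the advisory.
$session = ['csrf_token' => bin2hex(random_bytes(16))];
$crossSitePost = ['pagevalue' => 'page content"><script>alert(document.cookie)</script>'];
$sameSitePost = $crossSitePost + ['csrf_token' => $session['csrf_token']];

echo 'unsafe: ', render_unsafe($crossSitePost['pagevalue']), PHP_EOL;
echo 'safe:   ', render_safe($crossSitePost['pagevalue']), PHP_EOL;
echo 'cross-site POST accepted: ',
    var_export(csrf_ok($session, $crossSitePost), true), PHP_EOL;
echo 'same-site POST accepted:  ',
    var_export(csrf_ok($session, $sameSitePost), true), PHP_EOL;
```

The encoding shown is correct for HTML element and attribute contexts only; a value written into a script block, URL or CSS needs the encoder for that context.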