Lucene search

K
htbridgeHigh-Tech BridgeHTB23229
HistoryAug 20, 2014 - 12:00 a.m.

Reflected Cross-Site Scripting (XSS) in MODX Revolution

2014-08-2000:00:00
High-Tech Bridge
www.htbridge.com
18

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.025 Low

EPSS

Percentile

88.9%

High-Tech Bridge Security Research Lab discovered vulnerability in MODX Revolution, which can be exploited to perform Cross-Site Scripting (XSS) attacks.

  1. Reflected Cross-Site Scripting (XSS) in MODX Revolution: CVE-2014-5451

The vulnerability exists due to insufficient sanitization of input data passed via the “a” HTTP GET parameter to “/manager/” URL. A remote attacker can trick a logged-in administrator to open a specially crafted link and execute arbitrary HTML and script code in browser in context of the vulnerable website.
This vulnerability can be used against website administrator to perform phishing attacks, steal potentially sensitive data and gain complete control over web application.

The exploitation example below uses the “alert()” JavaScript function to display “immuniweb” word:

http://[host]/manager/?a=%22%20onload=%22javascript:alert%28/immuniweb/%29;% 22%3E

CPENameOperatorVersion
modx revolutionle2.3.1-pl

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.025 Low

EPSS

Percentile

88.9%