MODX Revolution 2.2.13 (and prior) Blind SQL Injection

2014-04-21T10:18:45
ID MODX:C24B1DE796D2E1992BBDDFE7EAFE9F33
Type modx
Reporter Modx Community
Modified 2014-04-21T10:18:45

Description

<strong>Product:</strong> MODX Revolution<br /> <strong>Severity:</strong> Critical<br /> <strong>Versions:</strong> 2.0.0–2.2.13<br /> <strong>Vulnerability type:</strong> SQL Injection<br /> <strong>Report date:</strong> 2014-Mar-10<br /> <strong>Fixed date:</strong> 2014-Apr-04<br /> <br /> <strong>Description</strong><br /> Multiple vulnerabilities were discovered in MODX Revolution that allow users to inject and manipulate the database. This includes an issue exploitable through the session ID supplied by the user and is exploitable without authentication. Another issue relates to messaging and connectors for authenticated users. <br /> <br /> <strong>Affected Releases</strong><br /> All MODX Revolution releases prior to and including 2.2.13.<br /> <br /> <strong>Solution</strong><br /> Upgrade to <a href="http://modx.com/download/" target="_blank" rel="nofollow">MODX Revolution 2.2.14</a>. Due to the nature of this issue and the number of files requiring changes the solution is to upgrade. No installable patch or fileset is available for prior versions.<br /> <br /> <strong>Acknowledgement</strong><br /> We would like to thank Craig Arendt, of <a href="http://www.stratumsecurity.com" target="_blank" rel="nofollow">Stratum Security</a> for bringing this issue to our attention.<br /> <br /> <strong>Additional Information</strong><br /> For additional information, please use the <a href="http://modx.com/company/contact/" target="_blank" rel="nofollow">MODX Contact Form</a>