Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Elxis CMS 2009.3 Aphrodite Cross Site Scripting

🗓️ 05 Dec 2011 00:00:00Reported by Ewerson GuimaraesType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 38 Views

Elxis CMS 2009.3 Aphrodite Cross Site Scripting vulnerability, impact, and patch detail

Code
`[Discussion]  
  
- DcLabs Security Research Group advises about the following vulnerability(ies):  
  
[Software]  
  
- Elxis CMS  
  
[Vendor Product Description]  
  
- Elxis is powerful open source content management system (CMS)  
released for free under the GNU/GPL license. It has unique  
multi-lingual features, it follows W3C standards, it is secure,  
flexible, easy to use, and modern. The development team, Elxis Team,  
paid extra attention to the optimization of the CMS for the search  
engines and this lead to high performance of all elxis powered web  
sites and to high ranking in search engines results.  
  
  
- Site: http://www.elxis.org/  
  
[Advisory Timeline]  
  
- 11/22/2011 -> First Contact requesting security department contact;  
- 11/22/2011 -> Vendor responded;  
- 11/23/2011 -> Advisory sent to vendor;  
- 11/23/2011 -> Vendor reply, fix the bug, release patch and  
coordinate to publish.  
- 12/05/2011 -> Published.  
  
[Bug Summary]  
  
- Persistent/Stored Cross-Site Scripting (XSS) (The cms admin can edit  
user contact info with XSS codes)  
  
- Non-Persistent Cross-Site Scripting (XSS)  
  
[Impact]  
  
- High  
  
[Affected Version]  
  
- Elxis 2009.3 aphrodite  
  
  
[Bug Description and Proof of Concept]  
  
- Exploiting the HTML-injection issue allows an attacker to execute  
HTML and Java Script code in the remote user context to steal  
cookie-based authentication credentials or to control how the site is  
rendered to the user; other attacks may also be possible.  
  
- Moreover, Cross Site Scripting (XSS) vulnerabilities are caused due  
to lack of input validation. This allows malicious people to inject  
arbitrary HTML and script code. More info at:  
http://en.wikipedia.org/wiki/Cross-site_scripting  
  
POC  
  
/elxis/index.php?id=3&Itemid=9&option=com_content&task=%22%20onmouseover%3dprompt%28dclabs%29%20dcl%3d%22  
  
/elxis/administrator/index.php/%22onmouseover=prompt(dclabs)%3E  
  
  
All flaws described here were discovered and researched by:  
  
Ewerson Guimaraes aka Crash  
DcLabs Security Research Group  
crash (at) dclabs <dot> com <dot> br  
  
[Patch(s) / Workaround]  
  
http://forum.elxis.org/index.php?PHPSESSID=v9i7kgmmb2554ldmlcmbj32ugjd0ngpc&topic=5144.msg43327#msg43327  
  
[Greetz]  
DcLabs Security Research Group.  
  
--  
Ewerson Guimaraes (Crash)  
Pentester/Researcher  
DcLabs Security Team  
www.dclabs.com.br  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
05 Dec 2011 00:00Current
elxis cmscross site scriptingvulnerabilitypatchdclabs security team
38