In-Portal CMS Cross Site Scripting

Type packetstorm
Reporter MustLive
Modified 2014-09-01T00:00:00


                                            `Hello list!  
After I informed developers in August about multiple vulnerabilities in   
In-Portal CMS and they answered they would fix them soon (so wait for   
disclosure of the first vulnerabilities), I found new hole in this CMS at   
their official site.  
This is Cross-Site Scripting vulnerability in In-Portal CMS. Besides tens   
millions of vulnerable web sites with affected flash files and vulnerable   
multiple plugins for different engines, there are a lot of other vulnerable   
plugins and themes - even five years since my original advisory. This time   
it's a theme for In-Portal CMS.  
This XSS is similar to XSS vulnerability in WP-Cumulus, which I've disclosed   
in 2009 ( Because this theme   
uses tagcloud.swf made by author of WP-Cumulus. About such vulnerabilities I   
wrote in previous years, particularly about millions of flash files   
tagcloud.swf which are vulnerable to XSS attacks I mentioned in my article   
XSS vulnerabilities in 34 millions flash files   
Affected products:  
Vulnerable are all versions of In-Portal CMS with this theme. There can be   
other vulnerable themes for this CMS.  
Cross-Site Scripting (WASC-08):  
XSS at official site of In-Portal CMS:'javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E  
Code will execute after click. It's strictly social XSS   
( Also it's possible to conduct (like in   
WP-Cumulus) HTML Injection attack.  
I mentioned about this vulnerability at my site   
Best wishes & regards,  
Eugene Dokukin aka MustLive  
Administrator of Websecurity web site