Cit-e-Net 6 Cross Site Scripting

Published: 13 Feb 2015 00:00:00. Reported by Jing Wang. Type: packetstorm. Source: packetstormsecurity.com

Cit-e-Net Cit-e-Access Version 6 contains cross-site scripting (XSS) vulnerabilities reachable through multiple request parameters. The vendor provides Internet-based solutions for local government services.

Related

CNVD: Multiple Cross-Site Scripting Vulnerabilities in Cit-e-Net Cit-e-Access (published 21 Feb 2015 00:00)
CVE: CVE-2014-8753 (published 28 Aug 2017 15:00)
Cvelist: CVE-2014-8753 (published 28 Aug 2017 15:00)
EUVD: EUVD-2014-8584 (published 7 Oct 2025 00:30)
NVD: CVE-2014-8753 (published 28 Aug 2017 15:29)
Prion: Cross site scripting (published 28 Aug 2017 15:29)

*CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Security Vulnerabilities*

Exploit Title: Cit-e-Net Multiple XSS (Cross-Site Scripting) Security Vulnerabilities
Product: Cit-e-Access
Vendor: Cit-e-Net
Vulnerable Versions: Version 6
Tested Version: Version 6
Advisory Publication: Feb 12, 2015
Latest Update: Feb 12, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-8753
CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
Credit: Wang Jing [Mathematics, Nanyang Technological University, Singapore]

*Advisory Details:*
*(1) Vendor & Product Description:*

*Vendor:*
Cit-e-Net

*Product & Version:*
Cit-e-Access
Version 6

*Vendor URL & Download:*
Cit-e-Net can be downloaded from here:
https://www.cit-e.net/citeadmin/help/cntrainingmanualhowto.pdf
http://demo.cit-e.net/
http://www.cit-e.net/demorequest.cfm
http://demo.cit-e.net/Cit-e-Access/ServReq/?TID=1&TPID=17

*Product Introduction:*
"We are a premier provider of Internet-based solutions encompassing web site development and modular interactive e-government applications which bring local government, residents and community businesses together."

"Cit-e-Net provides a suite of on-line interactive services to counties, municipalities, and other government agencies, that they in turn can offer to their constituents. The municipal government achieves a greater degree of efficiency and timeliness in conducting the daily operations of government, while residents receive improved and easier access to city hall through the on-line access to government services."

*(2) Vulnerability Details:*
Cit-e-Access is vulnerable to cross-site scripting (XSS) attacks through the following request parameters.

*(2.1)* The first vulnerability is in the "/eventscalendar/index.cfm?" page, via the "DID" parameter in an HTTP GET request.

*(2.2)* The second vulnerability is in the "/search/index.cfm?" page, via the "keyword" parameter in an HTTP POST request.

*(2.3)* The third vulnerability is in the "/news/index.cfm" page, via the "jump2" and "DID" parameters in an HTTP GET request.

*(2.4)* The fourth vulnerability is in the "eventscalendar?" page, via the "TPID" parameter in an HTTP GET request.

*(2.5)* The fifth vulnerability is in the "/meetings/index.cfm?" page, via the "DID" parameter in an HTTP GET request.
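As an added example (not part of the advisory and not the vendor's code), a defender-side check that scans web-server access-log lines for HTML metacharacters in the GET parameters named above. The page keys (eventscalendar, news, meetings), the Apache combined-log format and the sample lines are constructed assumptions; the POST "keyword" case on /search/index.cfm is not visible in a standard access log and needs request-body logging or a WAF to observe.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Pages (last path segment, with or without /index.cfm) and the GET parameters the
# advisory lists as reflected. The POST "keyword" case on /search/index.cfm does not
# appear in a standard access log, so it is out of scope here.
WATCHED = {"eventscalendar": {"DID", "TPID"}, "news": {"jump2", "DID"}, "meetings": {"DID"}}
# Characters that should never appear in these ID-style parameters.
META = re.compile(r"""[<>"'`]|javascript:""", re.IGNORECASE)
# Apache/NCSA combined-log request line (format is a constructed assumption).
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})')


def check_request(target):
    """Return (page, param, decoded value) for watched params holding HTML metacharacters."""
    parts = urlsplit(target)
    path = parts.path.lower().rstrip("/")
    if path.endswith("/index.cfm"):
        path = path[: -len("/index.cfm")]
    page = path.rsplit("/", 1)[-1]
    hits = []
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        if name in WATCHED.get(page, ()):
            hits.extend((page, name, v) for v in values if META.search(v))
    return hits


def scan_log(lines):
    """Run check_request over access-log lines; only GET requests carry the query string."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m.group("method") != "GET":
            continue
        for page, name, value in check_request(m.group("target")):
            findings.append({"ip": m.group("ip"), "time": m.group("ts"),
                             "page": page, "param": name, "value": value})
    return findings


# Constructed sample lines: one benign GET, two GETs with metacharacters in a watched
# parameter, and one POST that the scanner skips.
SAMPLE_LOG = [
    '203.0.113.5 - - [13/Feb/2015:10:00:01 +0000] "GET /Cit-e-Access/eventscalendar/index.cfm?TID=1&DID=42 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [13/Feb/2015:10:00:02 +0000] "GET /Cit-e-Access/eventscalendar/index.cfm?DID=42%3Cb%3Ex HTTP/1.1" 200 5133',
    '203.0.113.9 - - [13/Feb/2015:10:00:03 +0000] "GET /Cit-e-Access/news/index.cfm?jump2=%22%3E HTTP/1.1" 200 4011',
    '203.0.113.7 - - [13/Feb/2015:10:00:04 +0000] "POST /Cit-e-Access/search/index.cfm HTTP/1.1" 200 3000',
]

if __name__ == "__main__":
    print(scan_log(SAMPLE_LOG))
```

A hit only says the parameter carried characters that would change the page's HTML if reflected unencoded; correlate it with the response status and source IP before treating it as an attack.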

*(3) Solutions:*
A message was left with the vendor; there has been no response.
http://www.cit-e.net/contact.cfm

*References:*
http://tetraph.com/security/cves/cve-2014-8753-cit-e-net-multiple-xss-cross-site-scripting-security-vulnerabilities/
http://securityrelated.blogspot.com/2015/02/cve-2014-8753-cit-e-net-multiple-xss.html
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8753
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8753
https://security-tracker.debian.org/tracker/CVE-2014-8753
http://www.cvedetails.com/cve/CVE-2014-8753/
http://www.security-database.com/detail.php?alert=CVE-2014-8753
http://packetstormsecurity.com/files/cve/CVE-2014-8753
http://www.inzeed.com/kaleidoscope/cves/cve-2014-8753/
http://www.pentest.it/cve-2014-8753.html
http://www.naked-security.com/cve/CVE-2014-8753/
http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/cve-2014-8753/
http://007software.net/cve-2014-8753/
https://itinfotechnology.wordpress.com/2015/02/12/cve-2014-8753/

--
Wang Jing,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://twitter.com/justqdjing
