Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

KeystoneJS 4.0.0-beta.5 Unauthenticated Stored Cross Site Scripting

🗓️ 25 Oct 2017 00:00:00Reported by Ishaq MohammedType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 35 Views

KeystoneJS 4.0.0-beta.5 Unauthenticated Stored Cross Site Scriptin

Related
Code
ReporterTitlePublishedViews
Family
0day.today		KeystoneJS 4.0.0-beta.5 Unauthenticated Stored Cross Site Scripting Vulnerability
25 Oct 201700:00
zdt
CNVD		KeystoneJS Cross-Site Scripting Vulnerability (CNVD-2017-32889)
25 Oct 201700:00
cnvd
CVE		CVE-2017-15878
24 Oct 201721:00
cve
Cvelist		CVE-2017-15878
24 Oct 201721:00
cvelist
Exploit DB		KeystoneJS 4.0.0-beta.5 - Cross-Site Scripting
25 Oct 201700:00
exploitdb
EUVD		EUVD-2017-0346
7 Oct 202500:30
euvd
exploitpack		KeystoneJS 4.0.0-beta.5 - Cross-Site Scripting
25 Oct 201700:00
exploitpack
Github Security Blog		Cross-Site Scripting in keystone
15 Nov 201719:44
github
NVD		CVE-2017-15878
24 Oct 201721:29
nvd
OSV		GHSA-7QCX-JMRC-H2RR Cross-Site Scripting in keystone
15 Nov 201719:44
osv
Rows per page
`# Exploit Title: KeystoneJS 4.0.0-beta.5 Unauthenticated Stored XSS  
# Vendor Homepage: http://keystonejs.com/  
# Exploit Author: Ishaq Mohammed  
# Contact: https://twitter.com/security_prince  
# Website: https://about.me/security-prince  
# Category: WEBAPPS  
# Platform: Node.js  
# CVE: CVE-2017-15878  
  
Vendor Description:  
  
KeystoneJS is a powerful Node.js content management system and web app  
framework built on express and mongoose. Keystone makes it easy to create  
sophisticated web sites and apps, and comes with a beautiful auto-generated  
Admin UI.  
Source: https://github.com/keystonejs/keystone/blob/master/README.md  
  
Technical Details and Exploitation:  
  
A cross-site scripting (XSS) vulnerability exists in  
fields/types/markdown/MarkdownType.js in KeystoneJS before 4.0.0-beta.7 via  
the Contact Us feature.  
  
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15878  
  
Proof of Concept:  
  
1. Navigate to Contact Us page  
2. Fill in the details needed and enter the below payload in message field  
and send  
<a onmouseover=alert(document.cookie)>XSS link</a>  
3. Now login as admin and navigate to the above new record created in the  
enquiries  
4. Move the cursor on the text aXSS linka  
  
Solution:  
  
The issues have been fixed and the vendor has released the patches  
  
https://github.com/keystonejs/keystone/pull/4478/commits/5cb6405dfc0b6d59003c996f8a4aa35baa6b2bac  
  
Reference:  
  
https://github.com/keystonejs/keystone/pull/4478  
https://securelayer7.net/download/pdf/KeystoneJS-Pentest-Report-SecureLayer7.pdf  
  
--   
Best Regards,  
Ishaq Mohammed  
https://about.me/security-prince  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
25 Oct 2017 00:00Current
6Medium risk
Vulners AI Score6
EPSS0.03604
keystonejsnode.jscross site scriptingunauthenticatedvendor descriptionexploitcontact uscve-2017-15878proof of conceptsolutionpatchreferencepentest report
35