Redaxo 4.4 Cross Site Scripting Vulnerability

ID 1337DAY-ID-19062
Type zdt
Reporter High-Tech Bridge
Modified 2012-07-26T00:00:00


Exploit for php platform in category web applications

                                            Vendor: Redaxo team
Vulnerable Version(s): 4.4 and probably prior
Tested Version: 4.4
Vendor Notification: 4 July 2012 
Vendor Patch: 23 July 2012 
Public Disclosure: 25 July 2012 
Vulnerability Type: Cross-Site Scripting (XSS)
CVE Reference: CVE-2012-3869
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Solution Status: Fixed by Vendor
Risk Level: Medium 
Discovered and Provided: High-Tech Bridge Security Research Lab ( ) 


Advisory Details:

High-Tech Bridge Security Research Lab has discovered vulnerability in Redaxo, which can be exploited to perform Cross-Site Scripting (XSS) attacks.

1) Cross-Site Scripting (XSS) in Redaxo: CVE-2012-3869

1.1 Input passed via the "subpage" GET parameter to /redaxo/index.php (when "page" is set to "user" or "template") is not properly sanitised before being returned to the user.

This can be exploited to execute arbitrary HTML and script code in administrator's browser session in context of affected website.

The following PoC (Proof of Concept) demonstrate the vulnerability:




Apply vendor's patch:
More Information:



[1] High-Tech Bridge Advisory HTB23098 - - Cross-Site Scripting (XSS) in Redaxo.
[2] Redaxo - - PHP MySQL Open Source Content Management System.
[3] Common Vulnerabilities and Exposures (CVE) - - international in scope and free for public use, CVE® is a dictionary of publicly known information security vulnerabilities and exposures.


# [2018-04-09]  #