zdt, Numan OZDEMIR, 1337DAY-ID-31432
Oct 25, 2018 - 12:00 a.m.

AjentiCP 1.2.23.13 - Cross-Site Scripting Vulnerability

2018-10-25 00:00:00
Numan OZDEMIR
0day.today

EPSS: 0.001 (Low), percentile 50.2%

Exploit for php platform in category web applications

# Title: AjentiCP 1.2.23.13 - Cross-Site Scripting
# Author: Numan OZDEMIR (https://infinitumit.com.tr)
# Vendor Homepage: ajenti.org
# Software Link: https://github.com/ajenti/ajenti
# Version: Up to v1.2.23.13
# CVE: CVE-2018-18548
 
# Description:
 
# An attacker can inject JavaScript code without Ajenti privileges through this
# vulnerability.
# Normally an attacker cannot interact with Ajenti without Ajenti privileges.
# But with this vulnerability, if the attacker can create a folder (perhaps via
# a web app vulnerability), he can run
# malicious JavaScript code in the Ajenti user's browser while the user
# is using the File Manager tool.
# So this vulnerability is high risk.
 
# How to Reproduce:
1) Create a directory whose name is an XSS payload, for example: im<img src onerror=alert(1337)>dir
2) Open this directory in the File Manager tool in the Ajenti server admin panel.

#  0day.today [2018-10-26]  #
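
A defensive sketch of the issue described above, added here as an example and not taken from the advisory or from Ajenti's code base: a hypothetical listing renderer shown with and without HTML encoding of the entry name, plus a scanner that flags file-system names containing markup characters. The function names and the constructed directory tree are assumptions; only the directory name comes from the advisory.

```python
import html
import os
import tempfile

# Characters that change meaning when a name is placed into HTML unencoded.
MARKUP_CHARS = set("<>\"'&")


def render_entry_unsafe(name):
    # Vulnerable pattern: the file-system name is concatenated into markup as-is,
    # so a name containing a tag becomes part of the page.
    return '<li class="entry">' + name + "</li>"


def render_entry_safe(name):
    # Hardened pattern: HTML-encode the name at the point of output.
    return '<li class="entry">' + html.escape(name, quote=True) + "</li>"


def find_suspicious_names(root):
    """Return paths (relative to root) whose last component contains markup characters."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            if MARKUP_CHARS & set(name):
                hits.append(os.path.relpath(os.path.join(dirpath, name), root))
    return sorted(hits)


def demo():
    # Directory name quoted from the advisory; the surrounding tree is constructed.
    payload_name = "im<img src onerror=alert(1337)>dir"
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "uploads"))
        os.mkdir(os.path.join(root, "uploads", payload_name))
        os.mkdir(os.path.join(root, "logs"))
        hits = find_suspicious_names(root)
    return render_entry_unsafe(payload_name), render_entry_safe(payload_name), hits


if __name__ == "__main__":
    unsafe, safe, hits = demo()
    print("unsafe:", unsafe)
    print("safe:  ", safe)
    print("flagged:", hits)
```

The scanner is a hunting aid for hosts where untrusted processes can write to directories an administrator browses; the encoding in `render_entry_safe` is the actual fix pattern.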
