| Title | Sitemagic CMS v4.4.1 - Multiple Cross-Site-Scripting (XSS) |
|---|
| Description | It was identified that Sitemagic CMS v4.4.1 was vulnerable to multiple unauthenticated Reflected Cross-Site Scripting issues.
Reflected Cross-Site Scripting vulnerabilities arise when data from a request is reflected in the immediate response in an unsafe manner. An attacker can exploit this behavior to inject JavaScript code into a specially crafted request. If this request is issued by an application user, the injected JavaScript code will execute in that user's browser in the context of the user's session with the application.
The injected code can carry out a number of malicious functions on the attacker's behalf, including retrieving active session tokens for the application, retrieving browser cache history, recording keystrokes and bypassing other security features such as CSRF protection.
The following URLs were shown to be affected and can be used as a PoC:
• /sitemagic/index.php/'-alert(document.cookie)-'a/b/c/
• /sitemagic/upgrade.php?UpgradeMode=%3Cscript%3Ealert(document.cookie)%3C%2fscript%3E
In the first case, the XSS is obtained by manipulating the request URL directly, while in the second one, the parameter “UpgradeMode” was shown to be insufficiently validated.
The vulnerability was acknowledged by the vendor, who published a patched version (4.4.2). Moreover, the CVE ID CVE-2019-18219 was assigned to this issue. |
|---|
| Source | https://github.com/Jemt/SitemagicCMS/blob/master/changelog.txt |
|---|
| User | Anonymous User |
|---|
| Submitted | 2019. 10. 21. PM 04:50 (7 years ago) |
|---|
| Moderation | 2019. 10. 22. AM 09:16 (16 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 144007 [Codemagic Sitemagic CMS 4.4.1 /sitemagic/index.php cross site scripting] |
|---|
| Points | 20 |
|---|
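
For sites that ran 4.4.1 before upgrading to 4.4.2, the two injection points in the description can be checked for in web server access logs. The following is an added example, not part of the submission or of Sitemagic's code; it assumes combined-format log lines and that legitimate page paths and `UpgradeMode` values never contain quote, angle-bracket or parenthesis characters.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: legitimate page paths and UpgradeMode values never contain these
# characters; both PoC URLs in the report depend on at least one of them.
SUSPICIOUS = re.compile(r"[<>'\"()]")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
INDEX_PREFIX = "/sitemagic/index.php/"

def fully_decode(value, rounds=3):
    """Percent-decode several times so multiply-encoded values are inspected too."""
    for _ in range(rounds):
        value = unquote(value)
    return value

def classify(target):
    """Return which reported injection point a request target hits, or None."""
    try:
        parts = urlsplit(target)
    except ValueError:
        return None
    path = fully_decode(parts.path)
    if path.lower().startswith(INDEX_PREFIX):
        if SUSPICIOUS.search(path[len(INDEX_PREFIX):]):
            return "path-info"
    if path.lower() == "/sitemagic/upgrade.php":
        for name, values in parse_qs(parts.query, keep_blank_values=True).items():
            if name.lower() == "upgrademode" and any(
                    SUSPICIOUS.search(fully_decode(v)) for v in values):
                return "UpgradeMode"
    return None

def scan(lines):
    """Return (line number, injection point) for every flagged log line."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        label = classify(match.group(1)) if match else None
        if label:
            hits.append((number, label))
    return hits

# Constructed access-log lines (documentation IP addresses), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [21/Oct/2019:16:50:01 +0000] "GET /sitemagic/index.php/home HTTP/1.1" 200 5120',
    '203.0.113.9 - - [21/Oct/2019:16:50:07 +0000] "GET /sitemagic/index.php/\'-alert(document.cookie)-\'a/b/c/ HTTP/1.1" 200 5344',
    '203.0.113.5 - - [21/Oct/2019:16:51:12 +0000] "GET /sitemagic/upgrade.php?UpgradeMode=example HTTP/1.1" 200 812',
    '203.0.113.9 - - [21/Oct/2019:16:51:30 +0000] "GET /sitemagic/upgrade.php?UpgradeMode=%3Cscript%3Ealert(document.cookie)%3C%2fscript%3E HTTP/1.1" 200 901',
]
```

`scan(SAMPLE_LOG)` flags lines 2 and 4. A hit only shows that a crafted request reached the server, so it is a prompt to review the session activity of whoever followed the link, not proof of compromise.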