SLiMS 7 Cendana – Multiple Cross-Site Scripting (XSS) #50
Comments
|
Excuse me, is there anyone dealing with this issue? |
|
Fixed |
|
Thanks very much .🙏Mr. Hendro
Pada tanggal 16 Mar 2017 10.35 PM, "Hendro Wicaksono" <
[email protected]> menulis:
… Fixed
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#50 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABD2TlrHOKQE1Y2TFYERBubkU9kKwDzQks5rmVa-gaJpZM4MSiYp>
.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Product: SLiMS 7 Cendana
Download: https://github.com/slims/slims7_cendana
Vunlerable Version: latest version
Tested Version: latest version
Author: ADLab of Venustech
Advisory Details:
Multiple Cross-Site Scripting (XSS) were discovered in“SLiMS 7 Cendana latest version”, which can be exploited to execute arbitrary code.
The vulnerabilities exist due to insufficient filtration of user-supplied data in the “id” HTTP GET parameter passed to the “slims7_cendana-master/template/default/detail_template.php” and “slims7_cendana-master/template/default-rtl/detail_template.php” URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
The exploitation examples below use the "alert()" JavaScript function to see a pop-up messagebox:
Poc:
(1)
http://localhost/.../slims7_cendana-master/template/default/detail_template.php?id=%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3C%22
(2)
http://localhost/.../slims7_cendana-master/template/default-rtl/detail_template.php?id=%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3C%22
The text was updated successfully, but these errors were encountered: