OctavoCMS Cross Site Scripting

2014.07.10

Credit: Andrew Antonio

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

This proprietary content management software is vulnerable to reflected XSS on the file admin/viewer.php, src parameter.
Current release on their demo site is vulnerable, same as other few sites I could find.
PoC: http://demo.oXms.com/admin/viewer.php?src=%22%3E%3C/img%3E%3Ch2%3EThis%20is%20a%20test%3C/h2%3E%3Cscript%3Ealert(123)%3C/script%3E%3C!--%22
On the 9th of June I contacted the guys of OctavoCMS and eMB Group but they have not replied yet. At the moment of this writing the on-line demo still vulnerable.

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

OctavoCMS Cross Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.