SeedDMS 6.0.28 Cross Site Scripting

2024.10.02
Credit: Marco Nappi
Risk: Low
Local: No
Remote: Yes
CWE: CWE-79

[CVE-ID]:CVE-2024-46409 --------------------------------------------------------------------- [Suggested description]A stored cross-site scripting (XSS) vulnerability in SeedDMS v6.0.28 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter in the Calendar page. --------------------------------------------------------------------- [Additional Information]:To reproduce it, follow this steps: 1) log into SeedMS 2) create a new event named <svg onload=alert()> 3) go to https://demo6.seeddms.org/out/out.LogManagement.php?logname=<date>.log --------------------------------------------------------------------- [Vulnerability Type]:Cross Site Scripting (XSS) --------------------------------------------------------------------- [Vendor of Product]:SeedDMS ------------------------------------------------------------------- [Affected Product Code Base]:SeedDMS - 6.0.28 ------------------------------------------------------------------- [Affected Component]:The affected param is the Event name param in the post request ------------------------------------------------------------------- [Attack Type]:Remote --------------------------------------------------------------------- [Impact Information Disclosure]:true -------------------------------------------------------------------- [CVE Impact Other]: Run Arbitrary Javascript code -------------------------------------------------------------------- [Attack Vectors]:A Crafted name for any event in the calendar -------------------------------------------------------------------- [Has vendor confirmed or acknowledged the vulnerability?]:true -------------------------------------------------------------------- [Discoverer]:Marco Nappi --------------------------------------------------------------------- [Reference]:http://seeddms.com


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top