Joomla Component Testimonialku 2.1 Persistent XSS Vulnerability

2011.07.27
Credit: v3n0m
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

Author     : v3n0m
Twitter    : http://twitter.com/#!/coresetup
Discovered : July 27, 2011, GMT+7:00, Jakarta, Indonesia
Software   : Testimonialku
Developer  : http://www.joomlaku.com/
License    : Non-Commercial
Version    : 2.1 (lower versions may also be affected)
Dorks      : inurl:com_testimonialku

-----------------------------------------------------------------------

Software Description:
--------------------
Testimonialku is a simple, easy-to-use component for adding a testimonials menu to a Joomla site. Because the component is so simple, it has no configuration at all: you only need to install and publish it.

PoC I:
-----
The Joomla component Testimonialku (com_testimonialku) 2.1 is vulnerable to persistent (stored) XSS in the administrator panel. A malicious user can submit a testimonial containing <script> tags, using no quote characters at all, through any of the available inputs except "email"; the submission is stored and later rendered unescaped in the administrator panel.

Fake Submission<script>alert(document.cookie)</script>

When an administrator views the latest submissions, the script executes in the administrator's browser session, with that admin's permissions.

PoC II:
------
Attack Pattern: "><script>alert(document.cookie)</script>

index.php?option=com_testimonialku&Itemid="><script>alert(document.cookie)</script>

Note that this second pattern injects through the Itemid GET parameter, so it is a reflected rather than a persistent vector: it fires only for the user who opens the crafted URL. The leading "> closes the attribute into which the parameter value is echoed before the script element is opened.

Solution:
--------
Fix not available

Credits:
-------
www.yogyacarderlink.web.id - irc.yogyacarderlink.web.id
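The following is an added example, not code from the Testimonialku component or from the advisory's author. It shows why the two payloads above work and why a quote-stripping "filter" is not a fix: it renders the PoC strings into two assumed admin-panel contexts (element content and an attribute value), once raw, once with quotes stripped, and once with proper HTML entity encoding, then checks whether a script element survives in each rendering. The template strings, the render/check function names and the assumed Itemid attribute context are illustrative assumptions; the encoding function is the JavaScript equivalent of PHP's htmlspecialchars($s, ENT_QUOTES, 'UTF-8'), which is what a Joomla view should apply at output time.

```javascript
// Added example (not the Testimonialku component's code): output encoding
// versus quote stripping, tested against the advisory's two payloads.

// Payloads exactly as given in the advisory.
const POC_I = 'Fake Submission<script>alert(document.cookie)</script>';
const POC_II = '"><script>alert(document.cookie)</script>';

// Context-aware HTML encoding, equivalent to PHP's
// htmlspecialchars($s, ENT_QUOTES, 'UTF-8'). '&' goes first so that
// entities produced by later replacements are not double-encoded.
function htmlEncode(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#039;');
}

// A naive "filter" that only strips quote characters. PoC I contains no
// quotes at all, so this does nothing to it.
function stripQuotes(s) {
  return String(s).replace(/["']/g, '');
}

// Assumed admin-list template, element-content context: the testimonial
// text lands between tags.
function renderText(value, encode) {
  const e = encode || ((x) => x);
  return `<td>${e(value)}</td>`;
}

// Assumed attribute context: a value echoed into a quoted href, the
// situation the Itemid pattern in PoC II is built for.
function renderAttr(value, encode) {
  const e = encode || ((x) => x);
  return `<a href="index.php?option=com_testimonialku&Itemid=${e(value)}">edit</a>`;
}

// Element-content check: is there a script start tag left in the markup?
// Entity-encoded text contains no literal '<', so it cannot match.
function injectsScriptElement(html) {
  return /<script\b/i.test(html);
}

// Attribute check: did the payload close the attribute value and open a
// script element? Looks for a literal closing quote followed by <script.
function breaksOutOfAttribute(html) {
  return /"><script\b/i.test(html);
}

// Run each strategy in each context and report whether it is exploitable.
function evaluate() {
  return {
    text: {
      none: injectsScriptElement(renderText(POC_I)),
      quotesOnly: injectsScriptElement(renderText(POC_I, stripQuotes)),
      encoded: injectsScriptElement(renderText(POC_I, htmlEncode)),
    },
    attr: {
      none: breaksOutOfAttribute(renderAttr(POC_II)),
      quotesOnly: breaksOutOfAttribute(renderAttr(POC_II, stripQuotes)),
      encoded: breaksOutOfAttribute(renderAttr(POC_II, htmlEncode)),
    },
  };
}

console.log(JSON.stringify(evaluate(), null, 2));
```

Run with `node`. The result is the point of the advisory's "absolutely no quotes" remark: stripping quotes happens to block the attribute breakout in PoC II but leaves PoC I fully exploitable in element content, while entity encoding at output time neutralises both. Two practitioner caveats: encoding is applied where the value is written into HTML, not where the testimonial is stored, so every admin and front-end view of the stored field needs it; and HTML encoding alone does not make a user-controlled value safe inside an href, where a javascript: scheme would still need to be rejected separately.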


Copyright 2017, cxsecurity.com