Details
===========================
Title :Reflected cross-site scripting
vulnerability in *OcPortal CMS*
Version : 9.0.20
Vendor Homepage :http://ocportal.com/start.htm
Vulnerability Type :Reflected cross-site scripting vulnerability
(XSS)
Risk :High
Status :Fixed
Description
===============================
OcPortal CMS 9.0.20 is prone to a cross-site scripting vulnerability
because it fails to properly sanitize user-supplied input.A value in a
template that is not meant to contain HTML is marked as an escaped value
({VALUE*}). This meant that ‘html entities’ are put in replacement of HTML
control characters.
Vulnerable Parameter
===============================
[*FIELD_NAME*]
Remote Exploitable
===============================
*Yes*
Technical Details
==============================
https://github.com/cybersecurityworks/Disclosed/issues/11
Solution
==============================
Upgrade to latest version 9.0.21
https://ocportal.com/site/sites.htm
OR
Vendor has released patch for this issue, please refer below link
http://ocportal.com/site/news/view/security_issues/security-patch-for-xss.htm?filter=1%2C2%2C3%2C29%2C30
Timeline
==============================
2015-11-06 - First Contact
2015-11-06 - Vendor Response
2015-11-07 - Vendor Fixed
2015-11-13 - Public Disclosure
Credits & Author
==============================
Arjun Basnet from Cyber Security Works Pvt. Ltd (
http://www.cybersecurityworks.com/)
About Cybersecurityworks
==============================
Cybersecurity Works is basically an auditing company passionate working on
findings & reporting security flaws & vulnerabilities on web application
and network. As professionals, we handle each client differently based on
their unique requirements. Visit our website
http://www.cybersecurityworks.com/ for more information.
--
----------
Cheers !!!
Team CSW