Full Disclosure mailing list archives

By Date By Thread Thelia 2.2.1: XSS From: "Curesec Research Team (CRT)" <crt () curesec com>

Date: Fri, 13 Nov 2015 17:03:21 +0100

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Thelia 2.2.1 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: info () thelia net Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/29/2015 Disclosed to public: 11/13/2015 Release mode: Full Disclosure CVE: n/a Credits Tim Coen of Curesec GmbH 2. Overview CVSS Medium 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Description Thelia 2.2.1 suffers from an XSS vulnerability. With this, it is for example possible to inject JavaScript keyloggers, or to bypass CSRF protection. 3. Proof of Concept http://localhost/thelia_2.1.5/web/admin/home/stats?month=95<img src=no onerror=alert(1)>&year=20155<img src=no onerror=alert(2)> 4. Solution This issue has not been fixed by the vendor 5. Report Timeline 09/29/2015 Informed Vendor about Issue (no reply) 10/21/2015 Reminded Vendor of Disclosure Date (no reply) 11/13/2015 Disclosed to public Blog Reference: http://blog.curesec.com/article/blog/Thelia-221-XSS-90.html _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/ By Date By Thread Current thread: Thelia 2.2.1: XSS Curesec Research Team (CRT) (Nov 14)