[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Modx CMS CSRF Bypass & XSS Vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Modx CMS CSRF Bypass & XSS Vulnerabilities
From: bhati.contact@xxxxxxxxx
Date: Mon, 3 Nov 2014 18:21:28 GMT

Public Disclosure -
http://hacktivity.websecgeeks.com/modx-csrf-and-xss/
===========================================
Product: MODX Revolution
Severity: Critical
Versions: 2.0.0?2.2.14
Vulnerability type: CSRF & XSS
Report date: 2014-Jul-10
Fixed date: 2014-Jul-15

Description 
A significant vulnerability was discovered in the Manager login of MODX 
Revolution that also affects the use of the Login Extra. A malicious user could 
formulate a link that automatically logs the user into their own account, then 
redirects the user to a site the attacker controls immediately, exposing the 
user's CSRF token. This can be exploited with or without getting the user to 
enter their credentials in the form.

Affected Releases
All MODX Revolution releases prior to and including 2.2.14.

Solution
Upgrade to MODX Revolution 2.2.15. Due to the nature of this issue and the 
number of files requiring changes the solution is to upgrade. No installable 
patch or fileset is available for prior versions.

Prev by Date: Ahrareandeysheh CMS Cross-Site Scripting Vulnerability
Next by Date: [slackware-security] seamonkey (SSA:2014-307-04)
Previous by thread: Ahrareandeysheh CMS Cross-Site Scripting Vulnerability
Next by thread: [slackware-security] seamonkey (SSA:2014-307-04)
Index(es):
- Date
- Thread