communecter – Cross-Site Scripting (XSS)

Question

communecter – Cross-Site Scripting (XSS)

bestshow opened this issue 8 years ago · 1 comments

Product: communecter
Download: https://github.com/pixelhumain/communecter
Vunlerable Version: V.0.15.2temp and probably prior
Tested Version: V.0.15.2temp
Author: ADLab of Venustech

Advisory Details:
A Cross-Site Scripting (XSS) was discovered in “communecter V.0.15.2temp”, which can be exploited to execute arbitrary code.
The vulnerability exists due to insufficient filtration of user-supplied data in the “id” HTTP GET parameter passed to the “communecter-master/views/news/old/newsSV.php” URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
The exploitation example below uses the "alert()" JavaScript function to see a pop-up messagebox:
Poc:
http://localhost/.../communecter-master/views/news/old/newsSV.php?id=%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3C%22

Answer 1 · 2017-03-29T10:21:01.000Z

yo @clement59 tu peux jeter un oeil ?