oss-sec mailing list archives

CVE request - BigTree CMS 4.2.13 - Cross-Site Scripting (XSS)

From: haojun hou <haojunhou () gmail com>
Date: Thu, 24 Nov 2016 15:18:02 +0800

Hi:
BigTree CMS 4.2.13 - Cross-Site Scripting (XSS) 

Procuct: BigTree CMS

Vendor: BigTree CMS (https://www.bigtreecms.org/)

Vunlerable Version: 4.2.13 and probably prior

Tested Version: 4.2.13

Author: Haojun Hou in ADLab of Venustech

 

Advisory Details:

Haojun Hou in ADLab of Venustech discovered a Cross-Site Scripting (XSS) in BigTree CMS, which can be exploited to 
add,modify or delete information in application`s database and gain complete control over the application.

 

The vulnerability exists due to insufficientfiltration of user-supplied data in “id” HTTP GET parameter passed to 
“core/admin/adjax/dashboard/check-module-integrity.php” url. An attacker could execute arbitrary HTML and script code 
in browser in context of the vulnerable website.

The exploitation example below uses the "alert()" JavaScript function to see a  pop-up messagebox:

http://localhost/BigTreeCMS/core/admin/adjax/dashboard/check-module-integrity.php?id=“><script>alert(1);</script>< 
<http://localhost/BigTreeCMS/core/admin/adjax/dashboard/check-module-integrity.php?id=>”

 

Could you please help me assign a CVE for this issue?

Current thread:

CVE request - BigTree CMS 4.2.13 - Cross-Site Scripting (XSS) haojun hou (Nov 24)
- <Possible follow-ups>
- CVE request - BigTree CMS 4.2.13 - Cross-Site Scripting (XSS) haojun hou (Dec 06)