oss-sec mailing list archives

CVE request - itdb 1.23 Cross-Site Scripting (XSS)

From: haojun hou <haojunhou () gmail com>
Date: Thu, 24 Nov 2016 15:24:04 +0800

Hi:
itdb 1.23 - Cross-Site Scripting (XSS) 

Procuct: IT Items DataBase

Vendor: ITDB http://www.sivann.gr/software/itdb/

Vunlerable Version: 1.23 and probably prior

Tested Version: 1.23

Author: Haojun Hou in ADLab of Venustech


Advisory Details:

Haojun Hou in ADLab of Venustech discovered a Cross-Site Scripting (XSS) in itdb <>, which can be exploited to 
add,modify or delete information in application`s database and gain complete control over the application.



The vulnerability exists due to insufficientfiltration of user-supplied data in “value” HTTP POST parameter passed to 
“itdb-1.23/js/DataTables-1.8.2/examples/examples_support/editable_ajax.php” url. An attacker could execute arbitrary 
HTML and script code in browser in context of the vulnerable website.

The exploitation example below uses the "alert()" JavaScript function to see a  pop-up messagebox:

POST value="><script>alert(1);</script><"

http://localhost/itdb-1.23/js/DataTables-1.8.2/examples/examples_support/editable_ajax.php 
<http://localhost/itdb-1.23/js/DataTables-1.8.2/examples/examples_support/editable_ajax.php>

Could you please help me assign a  CVE for this issue?

Current thread:

CVE request - itdb 1.23 Cross-Site Scripting (XSS) haojun hou (Nov 24)