Written by Loukas Kalenderidis
Tuesday, 24 February 2009 20:57
Magento Multiple Cross Site Scripting Vulnerabilities
- Bugtraq ID: 33872
- Class: Input Validation Error
- CVE: CVE-2009-0541
- Remote: Yes
- Local: No
- Published: Feb 24 2009 12:00AM
- Updated: Feb 24 2009 02:07PM
- Credit: Loukas Kalenderidis
- Vulnerable: Magento Magento 1.2
- Discussion: Magento is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input.
Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials.
Magento 1.2.0 is vulnerable; other versions may also be affected.
- Exploit(s)/PoC(s): An attacker can exploit these issues by enticing an unsuspecting victim to follow a malicious URI.
The following examples are available:
http://www.example.com/index.php/admin/ Username: "><script>alert('xss')</script>
http://www.example.com/index.php/admin/index/forgotpassword/ Email address: "><script>alert('xss')</script>
http://www.example.com/downloader/?return=%22%3Cscript%3Ealert('xss')%3C/script%3E
- Solution: Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us.
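With no vendor patch listed, one interim check is to review web server access logs for markup arriving in query parameters on the paths named above. The following is an added example, not part of the original advisory or of Magento: it assumes common/combined format access logs, the log lines are constructed, and it only sees values sent in the query string (the Username and Email address fields would not appear in such a log if they are submitted in the request body).

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Path prefixes taken from the advisory's example URLs.
WATCHED_PREFIXES = ("/index.php/admin/", "/downloader/")
# Characters needed to close an HTML attribute and open a new tag.
MARKUP = re.compile(r'[<>"]')
# Request line as it appears in a common/combined format access log.
REQUEST_LINE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%253C) is seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(log_line):
    """Return (path, parameter, decoded value) for each flagged parameter."""
    match = REQUEST_LINE.search(log_line)
    if not match:
        return []
    parts = urlsplit(match.group("target"))
    if not parts.path.startswith(WATCHED_PREFIXES):
        return []
    hits = []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        decoded = fully_decode(value)  # parse_qsl already decoded once
        if MARKUP.search(decoded):
            hits.append((parts.path, name, decoded))
    return hits

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [24/Feb/2009:14:07:01 +0000] "GET /downloader/?return=%22%3Cscript%3Ealert(\'xss\')%3C/script%3E HTTP/1.1" 200 5120',
    '192.0.2.11 - - [24/Feb/2009:14:07:05 +0000] "GET /downloader/?return=%2522%253Cscript%253E HTTP/1.1" 200 5120',
    '192.0.2.12 - - [24/Feb/2009:14:07:09 +0000] "GET /downloader/?return=http%3A%2F%2Fwww.example.com%2F HTTP/1.1" 200 5120',
    '192.0.2.13 - - [24/Feb/2009:14:07:12 +0000] "GET /index.php/catalog/?q=%3Cb%3E HTTP/1.1" 200 812',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        for path, name, value in suspicious_params(line):
            print(f"{path} {name}={value!r}")
```

A hit means the request carried attribute-breaking characters, not that script executed; treat it as a lead for review alongside the response and the referring source.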
- References(s):
  - Magento Homepage http://www.magentocommerce.com (Magento)
  - Magento Multiple Cross-Site Scripting Vulnerabilities - Security Advisory - SOS- http://seclists.org/fulldisclosure/2009/Feb/0255.htm (Sense of Security)