SocialCMS 1.0.2 (and lower) is prone to a persistent XSS vulnerability caused by improper sanitization of the “TR_title” parameter, which is passed to “my_admin/admin1_list_pages.php” via the HTTP POST method. By exploiting this vulnerability, an authenticated user who is able to publish an article could insert arbitrary code into the “Title” field of the web management interface (under “my_admin/admin1_list_pages.php?id=<page_id>&action=edit”); that code will be executed when an administrator, or another user, browses that web page.
MITRE CVE Numbering Authority assigned me CVE-2012-1982 for this vulnerability.
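The general fix for a stored value such as “TR_title” is to encode it for the HTML context at output time, with input validation as a second layer. The sketch below is an added example, not SocialCMS source code and not part of the original advisory; the function names, the form markup and the sample title are assumptions made for illustration.

```php
<?php
// Added example: hypothetical helpers, not taken from SocialCMS.

// Validate the posted title on the way in. This is defense in depth;
// the encoding in h() below is what actually prevents script execution.
function normalize_title(string $raw): string {
    // Remove control characters; /u makes preg_replace return null
    // when the input is not valid UTF-8.
    $title = preg_replace('/[\x00-\x1F\x7F]/u', '', trim($raw));
    if ($title === null) {
        throw new InvalidArgumentException('title is not valid UTF-8');
    }
    if ($title === '' || strlen($title) > 255) {
        throw new InvalidArgumentException('title length out of range');
    }
    return $title;
}

// Encode for HTML text and quoted-attribute contexts.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Vulnerable pattern: the stored value is concatenated into the edit
// form unencoded, so a quote in the title ends the value attribute.
function render_title_field_unsafe(string $stored): string {
    return '<input type="text" name="TR_title" value="' . $stored . '">';
}

// Hardened pattern: same markup, value encoded for the attribute context.
function render_title_field(string $stored): string {
    return '<input type="text" name="TR_title" value="' . h($stored) . '">';
}

// Constructed sample: a title that passes validation (it is printable
// text) but would break out of the attribute if echoed raw.
$stored = normalize_title('News"><script>alert(1)</script>');

echo render_title_field_unsafe($stored), "\n"; // markup is altered by the title
echo render_title_field($stored), "\n";        // title stays inside value="..."
```

The sample title is valid text as far as input validation is concerned, which is why the encoding has to happen wherever the stored title is written into a page, including list and preview views.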
To view my Original Advisory: SocialCMS 1.0.2 XSS (Persistent and Reflected) Advisory