SyndeoCMS <= 3.0.01 Persistent XSS

SyndeoCMS 3.0.01 (and lower) is prone to a persistent XSS vulnerability due to an improper input sanitization of  “email” parameter, passed to server side logic (path: “starnet/index.php”) via http POST method.
Exploiting this vulnerability an authenticated user – which is able to change his profile settings – could insert arbitrary code in “Site email” field that will be executed when another admin or user clicks on that user’profile.

MITRE CVE Numbering Authority assigned me CVE-2012-1979 for this vulnerability.

To view my Original Advisory:
SyndeoCMS <= 3.0.01 Persistent XSS Advisory

Other related publications:
http://osvdb.org/show/osvdb/80746
http://www.securityfocus.com/bid/52840
http://xforce.iss.net/xforce/xfdb/74545
http://packetstormsecurity.org/files/111405/SyndeoCMS-3.0.01-Cross-Site-Scripting.html
http://www.exploit-db.com/exploits/18686/
http://1337day.com/exploits/17894
http://www.thecybernuxbie.com/exploit-report/syndeocms-3-0-01-persistent-xss-vulnerability.aspx

Leave a Reply

Your email address will not be published. Required fields are marked *