PlumeCMS 1.2.4 (and below) is prone to multiple persistent XSS vulnerabilities due to improper input sanitization of multiple parameters.
- The “u_email” and “u_realname” parameters are not correctly sanitized before being passed to the server-side script “manager/users.php” via the HTTP POST method. An attacker who is able to change his profile settings could insert malicious code into the “Email” and/or “Name” fields within the “Authors” template, creating a persistent XSS vulnerability that affects every user or admin who accesses Plume’s management interface.
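
The mitigation sits on both sides of the stored data: validate the two fields when the profile is saved, and HTML-encode them when the authors list is rendered. The PHP below is an added example, not PlumeCMS code; the function names and table markup are assumptions, and only the field names “u_email” and “u_realname” come from the advisory.

```php
<?php
declare(strict_types=1);
// Added example: hypothetical helpers, not PlumeCMS code.

/** Validate the profile fields on save. Returns [cleaned values, errors]. */
function validate_profile(array $post): array
{
    $errors = [];
    $email = trim((string)($post['u_email'] ?? ''));
    $name  = trim((string)($post['u_realname'] ?? ''));

    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors['u_email'] = 'invalid e-mail address';
    }
    // Length cap and control-character check only: names may legitimately
    // contain characters such as & or ', so markup is neutralised at output.
    if ($name === '' || strlen($name) > 200 || preg_match('/[\x00-\x1F\x7F]/', $name)) {
        $errors['u_realname'] = 'invalid name';
    }
    return [['u_email' => $email, 'u_realname' => $name], $errors];
}

/** Encode a value for HTML text or a quoted attribute. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Render one row of a (hypothetical) authors table with encoded values. */
function render_author_row(array $user): string
{
    return sprintf("<tr><td>%s</td><td>%s</td></tr>\n",
        h($user['u_realname']), h($user['u_email']));
}

// Constructed input: a name carrying markup and a malformed address.
$post = ['u_realname' => 'Ann <b>O\'Neil</b>', 'u_email' => 'ann"<i>@example'];
[$clean, $errors] = validate_profile($post);
print_r($errors);                // the malformed e-mail is rejected before storage
echo render_author_row($clean);  // values are encoded, so the browser shows them as text
```

Encoding at render time is the control that matters for records already in the database, since input validation only covers values saved after the fix.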
To view my Original Advisory:
PlumeCMS 1.2.4 Multiple Permanent XSS
The MITRE CVE Numbering Authority assigned me CVE-2012-2156 for this vulnerability.
Other publications of the advisory: