CMS MADE SIMPLE FORGE

CMS Made Simple Core

 
Back Back to List

[#12321] Cross Site Scripting Vulnerability on "Logic" via Content Manager feature in CMS Made Simple v2.2.14

avatar
Created By: luuthehienhbit (luuthehienhbit@gmail.com)
Date Submitted: Mon Jun 15 04:23:15 -0400 2020

Assigned To:
Version: 2.2.14
CMSMS Version: 2.2.14
Severity: None
Resolution: Won't Fix
State: Closed
Summary:
Cross Site Scripting Vulnerability on "Logic" via Content Manager feature in CMS Made Simple v2.2.14
Detailed Description:
**Expected behaviour
An authenticated malicious user can take advantage of a Stored XSS vulnerability
on "Logic" via Content Manager feature in CMS Made Sinple v2.2.14 feature.
**Impact
Commonly include transmitting private data, like cookies or other session
information, to the attacker, redirecting the victim to web content controlled
by the attacker, or performing other malicious operations on the user’s machine
under the guise of the vulnerable site.
**Steps to reproduce
  1.Log into the Admin.
  2.Go to "Content Manager"
  3.Click "Logic"
4.Add Payload on Page Specific Metadata:
'><details/open/ontoggle=confirm(1337)>
  5.View Content Page


History

Comments
avatar 
Date: 2020-09-15 04:08
Posted By: Rolf (rolf1)

Thanks for your report. The Logic field is meant to put code in and it is only
accessible for approved administrators... If you don't trust your admins, don't
give them access to (this field in) the admin panel.
Updates

Updated: 2020-11-03 14:42
state: Open => Closed

Updated: 2020-09-15 04:08
resolution_id: 5 => 8
severity_id: 3 => 12

Updated: 2020-06-15 05:32
summary: Cross Site Scripting Vulnerability on "Logic" via Content Manager feature in CMS Made Sinple v2.2.14 => Cross Site Scripting Vulnerability on "Logic" via Content Manager feature in CMS Made Simple v2.2.14
resolution_id: => 5