oss-sec mailing list archives
Re: CVE Request -- CMS BEdita v. 3.4.0 -- Multiple stored XSS vulnerabilities
From: cve-assign () mitre org
Date: Sun, 11 Jan 2015 09:46:43 -0500 (EST)
I found multiple stored XSS vulnerabilities in the administrative backend of CMS BEdita v.3.4.0 (release-date: 9th-May-2014). The vulnerabilities can be found in the following paths of a common BEdita installation: http://{TARGET}/index.php/home/profile (in form with id ???editProfile??? via input field with id ???lrealname") http://{TARGET}/index.php/ (in form with id ???addQuickItem??? via input field with name "data[title]" and name "data[description]") http://{TARGET}/index.php/areas (in form with id ???saveNote??? via input field with id ???note text") http://{TARGET}/index.php/documents/view (in form with id ???updateForm??? via input field with id ???titleBEObject??? and input field with id ???tagsArea???) The vulnerabilities can be exploited by using arbitray HTML- and/or JavaScriptcode, e.g. <script>alert(document.cookie)</script>. Could you please assign a CVE-ID for it? Thank you. Greetings. Steffen R??semann References: [1] http://www.bedita.com [2] http://sroesemann.blogspot.de/2014/12/sroeadv-2014-10.html [3] https://github.com/bedita/bedita/issues/566 [4] http://seclists.org/fulldisclosure/2015/Jan/16
Use CVE-2015-1040. --- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ]
Current thread:
- CVE Request -- CMS BEdita v. 3.4.0 -- Multiple stored XSS vulnerabilities Steffen Rösemann (Jan 08)
- Re: CVE Request -- CMS BEdita v. 3.4.0 -- Multiple stored XSS vulnerabilities cve-assign (Jan 11)