by r0t,der4444,cembo,VietMafia

Saturday, December 17, 2005

Cofax XSS vuln.

Cofax XSS vuln.

Vuln. discovered by : r0t
Date: 17 dec. 2005
vendor:http://www.cofax.org
affected version: 2.0 RC3 and prior

Product Description

Cofax is a web-based text and multimedia publication system. It was designed to simplify the presentation of newspapers on the Web and to expedite real-time Web publication. Currently, Cofax is used across the world as an open source, scalable and powerful content management solution provided by numerous independent solution providers.


Vuln. Description:

Cofax contains a flaw that allows a remote cross site scripting attack. This flaw exists because input passed to "searchstring" paremter isn't properly sanitised before being returned to the user.
This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.


example:
/search.htm?searchstring2=&searchstring=[XSS]


Solution:
Edit the source code to ensure that input is properly sanitised.

0 Comments:

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew