|
 |
|
Alkacon OpenCms Multiple Vulnerabilities
|
|
|
|
|
Secunia Advisory:
|
SA29278
|
|
|
Release Date:
|
2008-03-11
|
|
Last Update:
|
2008-04-15
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Cross Site Scripting
Exposure of sensitive information
|
|
Where:
|
From remote
|
|
Solution Status:
|
Unpatched
|
|
| Software: | Alkacon OpenCms 7.x
|
| | CVE reference: | CVE-2008-1300 (Secunia mirror)
CVE-2008-1301 (Secunia mirror)
CVE-2008-1510 (Secunia mirror)
CVE-2008-1753 (Secunia mirror)
|
|
|
This advisory is currently marked as unpatched!
- Companies can be alerted when a patch is released! |
|
|
Description:
nnposter has discovered some vulnerabilities in Alkacon OpenCms, which can be exploited by malicious users to disclose potentially sensitive information and malicious people to conduct cross-site scripting attacks.
1) Input passed to the "filePath" parameter in opencms/system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp is not properly sanitised before being returned to an administrator. This can be exploited to execute arbitrary HTML and script code in an administrator's browser session in context of an affected site.
2) Input passed to the "filePath" parameter in opencms/system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp is not properly verified before being used to display files, which can be exploited to disclose the content of arbitrary files.
Successful exploitation requires valid administrator credentials.
3) Input passed to the "searchfilter" parameter in opencms/system/workplace/admin/accounts/users_list.jsp and opencms/system/workplace/admin/workplace/sessions.jsp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
The vulnerabilities are confirmed in version 7.0.4. Other versions may also be affected.
Solution:
Restrict access to trusted users. Do not visit untrusted sites while logged in.
Provided and/or discovered by:
nnposter
Changelog:
2008-03-19: Added CVE reference.
2008-03-25: Added vulnerability #3.
2008-03-27: Added CVE reference.
2008-04-07: Added additionally affected file to vulnerability #3.
2008-04-15: Added CVE reference.
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
1 Related Secunia Security Advisories
|
|
|
1. Alkacon OpenCms "resource" Cross-Site Scripting Vulnerability
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
