Message-ID: <CAMWaY3NgKkaktuxkBLFX0mA=+FJQPu-vzEQAckVHp2vGU-xUrg@mail.gmail.com>
Date: Tue, 22 Dec 2015 10:49:39 +0000
From: CSW Research Lab <disclose@...ersecurityworks.com>
To: "cve-assign@...re.org" <cve-assign@...re.org>, "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
Subject: Symphony CMS 2.6.3 - Multiple Reflected Cross-site Scripting Vulnerability

Hi all,

Can you please assign a CVE for this issue?

Description
***************
Symphony CMS 2.6.3 is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input in the default email settings. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user of the affected site.

Proof of Concept URL
***************************
[+] http://192.168.56.101/symphony/symphony/system/preferences/

Vulnerable Parameters
**************************
[+] email_sendmail[from_name]
[+] email_sendmail[from_address]
[+] email_smtp[from_name]
[+] email_smtp[from_address]
[+] email_smtp[host]
[+] email_smtp[port]
[+] it_image_manipulation[trusted_external_sites]
[+] maintenance_mode[ip_whitelist]
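An added example, not from the advisory and not Symphony's own code, of the server-side handling that closes this class of reflected XSS in a preferences form: allow-list validation of each listed parameter, plus attribute-context output encoding when the saved value is echoed back into the page. The field names are the ones listed above; the validation rules and function names are this example's own assumptions.

```python
import html
import ipaddress
import re

# Field names are the parameters listed in the advisory; the validation rules
# below are this example's own assumptions, not Symphony's code.
NAME_RE = re.compile(r"[\w .,'-]{1,100}")
EMAIL_RE = re.compile(r"[^@\s<>\"'/]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
HOST_RE = re.compile(r"(\*\.)?[A-Za-z0-9.-]{1,253}")

def is_ip_or_cidr(entry):
    try:
        ipaddress.ip_network(entry, strict=False)
        return True
    except ValueError:
        return False

def each_entry(value, sep):
    """Split a multi-value field and drop empty items."""
    return [item.strip() for item in value.split(sep) if item.strip()]

VALIDATORS = {
    "email_sendmail[from_name]": NAME_RE.fullmatch,
    "email_sendmail[from_address]": EMAIL_RE.fullmatch,
    "email_smtp[from_name]": NAME_RE.fullmatch,
    "email_smtp[from_address]": EMAIL_RE.fullmatch,
    "email_smtp[host]": HOST_RE.fullmatch,
    "email_smtp[port]": lambda v: v.isdigit() and 1 <= int(v) <= 65535,
    "it_image_manipulation[trusted_external_sites]":
        lambda v: all(HOST_RE.fullmatch(s) for s in each_entry(v, "\n")),
    "maintenance_mode[ip_whitelist]":
        lambda v: all(is_ip_or_cidr(s) for s in each_entry(v, ",")),
}

def validate_preferences(form):
    """Return (accepted, rejected). Unknown fields and values failing their
    validator are rejected; the caller should refuse the whole save."""
    accepted, rejected = {}, []
    for name, value in form.items():
        check = VALIDATORS.get(name)
        if check is not None and check(value):
            accepted[name] = value
        else:
            rejected.append(name)
    return accepted, rejected

def render_input(name, value):
    """Output-encode when echoing a value back into the form (defence in depth)."""
    return '<input name="{}" value="{}">'.format(
        html.escape(name, quote=True), html.escape(value, quote=True))
```

Validation rejects malformed input at save time; the encoding in render_input is what prevents reflection even for a value that some validator accepts.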