Xoops CMS version 2.5.7.1 suffers from a persistent cross site scripting vulnerability.
6d96a583b5517d793a50ea4d7ed9518604a1e1041b363fdc87ac95943b0e4919
Hi Team,
#Affected Vendor: http://www.xoops.org/
#Date: 24/04/2015
#Discovered by: Joel Vadodil Varghese
#Type of vulnerability: Persistent XSS
#Tested on: Windows 8.1
#Product: Xoops CMS
#Version: 2.5.7.1
#Tested Link:
http://localhost/Xoops/htdocs/modules/system/admin.php?fct=preferences&op=show&confcat_id=3
Description: Xoops CMS is a free open source content management systems
(CMS), written in PHP. It uses a modular architecture allowing users to
customize, update and theme their websites. Xoops CMS is vulnerable to
stored xss vulnerability in spite of the Protector Center Module. The
parameter "footer" is the vulnerable parameter which will lead to its
compromise.
#Proof of Concept (PoC):
%22%3E%3Cimg+src%3D%22blah.jpg%22+onerror%3D%22alert%28%27pwned%27%29%22%2F%3E
--
Regards,
*Joel V*