what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Clipper CMS 1.3.3 Cross Site Scripting

Clipper CMS 1.3.3 Cross Site Scripting
Posted May 27, 2018
Authored by Nathu Nandwani

Clipper CMS version 1.3.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-11332
SHA-256 | 1a25358209682c16593be5525afa87f9ed8f0c62a9da515ed48b3457d6c35dc5

Clipper CMS 1.3.3 Cross Site Scripting

Change Mirror Download
# Exploit Title: ClipperCMS 1.3.3 Persistent XSS on 'Site name' field
# Date: 05/27/2018
# Exploit Author: Nathu Nandwani
# Website: http://nandtech.co/
# Vendor Homepage: http://www.clippercms.com/
# Software Link: https://github.com/ClipperCMS/ClipperCMS/releases/tag/clipper_1.3.3
# Version: 1.3.3
# Tested on: Windows 10 x64 (XAMPP, Chrome)
# CVE: CVE-2018-11332

*Description

A persistent/stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 has been discovered because it didn't sanitize user input. It allows authenticated remote attackers to inject arbitrary web script or HTML via a crafted site name to the manager/processors/save_settings.processor.php file.

*Proof of Concept

1. Attacker logs in as an administrator of the site.
2. Attacker visits the tools->configurations tab and enters the script below in the "Site name" field:
<script>alert('XSS')</script>
3. Once the "Save" button is clicked, the payload will execute.
4. When an unauthenticated user visits the login page "ClipperCMS/manager/", the payload will also execute.

*Mitigation

See https://github.com/nathunandwani/ClipperCMS/commit/f286fbfa81dc3728dbbf6d9d817c8848edcad0b2

Timeline

2018-05-21-Vulnerability reported to ClipperCMS development team
2018-05-21-CVE requested from mitre.org
2018-05-22-ClipperCMS development team acknowledges but according to them, bug is more on a trust issue rather than coding
2018-05-22-Added a potential fix in GitHub
2015-05-24-CVE published by mitre: https://twitter.com/CVEnew/status/999689171227865093

Login or Register to add favorites

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close