*CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Security Vulnerabilities* Exploit Title: Cit-e-Net Multiple XSS (Cross-Site Scripting) Security Vulnerabilities Product: Cit-e-Access Vendor: Cit-e-Net Vulnerable Versions: Version 6 Tested Version: Version 6 Advisory Publication: Feb 12, 2015 Latest Update: Feb 12, 2015 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-8753 CVSS Severity (version 2.0): CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend) Impact Subscore: 2.9 Exploitability Subscore: 8.6 Credit: Wang Jing [Mathematics, Nanyang Technological University, Singapore] *Advisory Details:* *(1) Vendor & Product Description:* *Vendor:* Cit-e-Net *Product & Version: * Cit-e-Access Version 6 *Vendor URL & Download: * Cit-e-Net can be downloaded from here, https://www.cit-e.net/citeadmin/help/cntrainingmanualhowto.pdf http://demo.cit-e.net/ http://www.cit-e.net/demorequest.cfm http://demo.cit-e.net/Cit-e-Access/ServReq/?TID=1&TPID=17 *Product Introduction:* "We are a premier provider of Internet-based solutions encompassing web site development and modular interactive e-government applications which bring local government, residents and community businesses together." "Cit-e-Net provides a suite of on-line interactive services to counties, municipalities, and other government agencies, that they in turn can offer to their constituents. The municipal government achieves a greater degree of efficiency and timeliness in conducting the daily operations of government, while residents receive improved and easier access to city hall through the on-line access to government services." *(2) Vulnerability Details:* Cit-e-Access has a security problem. It can be exploited by XSS attacks. *(2.1)* The first vulnerability occurs at "/eventscalendar/index.cfm?" page with "&DID" parameter in HTTP GET. *(2.2)* The second vulnerability occurs at "/search/index.cfm?" page with "&keyword" parameter in HTTP POST. *(2.3)* The third vulnerability occurs at "/news/index.cfm" page with "&jump2" "&DID" parameter in HTTP GET. *(2.4)* The fourth vulnerability occurs at "eventscalendar?" page with "&TPID" parameter in HTTP GET. *(2.5) *The fifth vulnerability occurs at "/meetings/index.cfm?" page with "&DID" parameter in HTTP GET. *(3) Solutions:* Leave message to vendor. No response. http://www.cit-e.net/contact.cfm *References:* http://tetraph.com/security/cves/cve-2014-8753-cit-e-net-multiple-xss-cross-site-scripting-security-vulnerabilities/ http://securityrelated.blogspot.com/2015/02/cve-2014-8753-cit-e-net-multiple-xss.html https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8753 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8753 https://security-tracker.debian.org/tracker/CVE-2014-8753 http://www.cvedetails.com/cve/CVE-2014-8753/ http://www.security-database.com/detail.php?alert=CVE-2014-8753 http://packetstormsecurity.com/files/cve/CVE-2014-8753 http://www.inzeed.com/kaleidoscope/cves/cve-2014-8753/ http://www.pentest.it/cve-2014-8753.html http://www.naked-security.com/cve/CVE-2014-8753/ http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/cve-2014-8753/ http://007software.net/cve-2014-8753/ https://itinfotechnology.wordpress.com/2015/02/12/cve-2014-8753/ https://security-tracker.debian.org/tracker/CVE-2014-8753 -- Wang Jing, Division of Mathematical Sciences (MAS), School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore. http://www.tetraph.com/wangjing/ https://twitter.com/justqdjing