[MajorSecurity SA-074]CMS RedAks 2.0 - Multiple Cross-site- Scripting issues

From: david.kurz@majorsecurity.net
To: bugtraq@securityfocus.com
Subject: [MajorSecurity SA-074]CMS RedAks 2.0 - Multiple Cross-site- Scripting issues

[MajorSecurity SA-074]CMS RedAks 2.0 - Multiple Cross-site Scripting issues 

Product: CMS RedAks 2.0
Security-Risk: moderated
Remote-Exploit: yes
Vendor-URL: http://www.redaks.com/
Advisory-Status: published

Discovered by: David Vieira-Kurz of MajorSecurity

Original Advisory

Affected Products:
CMS RedAks 2.0
Prior versions may also be vulnerable

"CMS RedAks 2.0 is a web based content management system." 

More Details
We at MajorSecurity have discovered some vulnerabilities in CMS RedAks 2.0, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed directly to the "search", "search_id" and "search_inall" POST parameters in "/search/" Controller is not properly sanitised before being stored and returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Web applications should never trust on user generated input and therefore sanatize all input.

Do not browse untrusted sites or follow untrusted links while being logged-in to the application.

MajorSecurity is a German penetrationtesting and security research company which focuses on web application security. We offer professional penetrationstest, security audits,
source code reviews and pci dss compliance tests. Visit us at http://www.majorsecurity.net/penetrationstest.php

Copyright © 1995-2019 LinuxRocket.net. All rights reserved.