Bedita CMS 3.6.0 – Publication Module Bug Report #8
Comments
Hi @cybersecurityworks, here is a BEdita dev. I see you used Burp Suite, so I installed it and I'm trying to figure out how to use it to reproduce the attack. I configured Firefox to work with Burp by setting the proxy, and Burp intercepts every request I make from BEdita. From Burp I edit the POST URL of the intercepted request, appending Could you please give me more information on how to test the attack?
The fix was committed in bedita/bedita@a193208
Good to know. Then, is it possible for BEdita or the BEdita development team to at least give credit for discovering this issue? If possible please provide credit to: "Arjun from Cyber Security Works Pvt Ltd ( http://cybersecurityworks.com)" This will keep our team motivated to keep on working on enhancing security. Thanks
And finally it's here https://github.com/bedita/bedita/releases/tag/v3.7.0
Details
Bedita CMS 3.6.0 – Publication Module Bug Report
Bug Name: XSS (Cross Site Scripting)
Version: 3.6.0
Last Updated: 31/08/2015
Homepage: http://www.bedita.com/
Severity: High
Description: XSS vulnerability in Bedita CMS 3.6.0 Publication module
Proof of concept (PoC):
Issue:
The POST request URL http://192.168.56.104/bedita/bedita-app/pages/showObjects/2/0/0/leafs of Bedita CMS 3.6.0 is vulnerable to Cross Site Scripting (XSS).
Figure 1: XSS Payload injected in the given URL http://192.168.56.104/bedita/beditaapp/pages/showObjects/2/0/0/leafs is reflected back in the response
Figure 2: XSS Payload gets executed in the browser
Discovered by:
Arjun Basnet from Cyber Security Works Pvt Ltd