View Issue Details

ID: 0004095
Project: Composr
Category: [All Projects] General / Uncategorised
View Status: public
Last Update: 2020-02-06 21:07
Reporter: Guest
Assigned To: Chris Graham
Severity: Security-hole
Status: closed
Resolution: fixed
Product Version:
Fixed in Version:
Summary: 0004095: Composr CMS 10.0.30 - (Authenticated) Cross-Site Scripting
Description:

Go to: Security -> Usergroups -> Edit Usergroup

Select one usergroup (for example, Guest) and edit the Name (parameter name), for example with Guests"><script>alert(1)</script>

The variable "name" is not sanitized. Later, if some user visits the "Zone editor" area, the XSS is executed. In the response you can view:

<input type="hidden" name="label_for__access_1" value="Access for Guests"><script>alert(1)</script>" />
Additional Information: advidsec@gmail.com
Tags: No tags attached.
Time estimation (hours)
Sponsorship open

Relationships

has duplicate 0004101 (resolved, Chris Graham): Incorrect escaping of field labels (esp usergroup names)

Activities

Chris Graham

2020-02-06 21:04

administrator   ~0006370

This issue has been confirmed. Thank you for reporting!
As the affecting data can only be added by a privileged user, and the adding of the data is protected from CSRF by a form token, we won't be pushing out a new release specifically to deal with this issue. It will be handled as a regular bug report and folded into the next patch release alongside other bug fixes.
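
The escaping defect described in this report, shown as an added example (not Composr's code and not part of the original issue): the hidden field rendered without and with attribute-context output encoding, plus a parser-based regression check. The function names `render_label_raw`, `render_label_escaped` and `inspect_fragment` are hypothetical, and the usergroup name is the sample value from the description.

```php
<?php
// Added illustration; not Composr source. Function names are hypothetical.

// Constructed sample: the usergroup name used in the report.
$name = 'Guests"><script>alert(1)</script>';

// Unescaped rendering: yields the markup quoted in the report.
function render_label_raw(int $group_id, string $name): string
{
    return '<input type="hidden" name="label_for__access_' . $group_id
        . '" value="Access for ' . $name . '" />';
}

// Escaped rendering: encode for the attribute context at output time,
// so the stored name stays unchanged in the database.
function render_label_escaped(int $group_id, string $name): string
{
    $value = htmlspecialchars('Access for ' . $name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="hidden" name="label_for__access_' . $group_id
        . '" value="' . $value . '" />';
}

// Regression check: parse the fragment, count <script> elements and
// confirm the hidden field's value round-trips to the stored label.
function inspect_fragment(string $html, string $expected): array
{
    $previous = libxml_use_internal_errors(true);
    $doc = new DOMDocument();
    $doc->loadHTML('<html><body><form>' . $html . '</form></body></html>');
    libxml_clear_errors();
    libxml_use_internal_errors($previous);

    $input = $doc->getElementsByTagName('input')->item(0);
    return [
        'script_elements' => $doc->getElementsByTagName('script')->length,
        'value_intact' => $input !== null && $input->getAttribute('value') === $expected,
    ];
}

$expected = 'Access for ' . $name;
foreach (['raw' => render_label_raw(1, $name), 'escaped' => render_label_escaped(1, $name)] as $mode => $html) {
    echo $mode, ': ', $html, PHP_EOL;
    echo '  ', json_encode(inspect_fragment($html, $expected)), PHP_EOL;
}
```

The same check can run over any template that places a usergroup name or other field label inside an attribute value, which is the broader case the duplicate issue 0004101 refers to.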

Issue History

Date Modified Username Field Change
2020-02-06 11:36 Guest New Issue
2020-02-06 15:39 Chris Graham View Status public => private
2020-02-06 21:01 Chris Graham View Status private => public
2020-02-06 21:04 Chris Graham Note Added: 0006370
2020-02-06 21:07 Chris Graham Assigned To => Chris Graham
2020-02-06 21:07 Chris Graham Status non-assigned => closed
2020-02-06 21:07 Chris Graham Resolution open => fixed
2020-02-06 21:07 Chris Graham Relationship added has duplicate 0004101
2023-02-26 18:29 Chris Graham Category General => General / Uncategorised