Vulnerability Note VU#526062

CMS Made Simple contains multiple cross-site scripting vulnerabilities

Original Release date: 28 Feb 2014 | Last revised: 28 Feb 2014

Overview

CMS Made Simple contains multiple cross-site scripting vulnerabilities

Description

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') - CVE-2014-0334

The files:
cmsmadesimple/admin/addgroup.php on line 107 contains a post-authentication reflected XSS vulnerability in the group parameter.
cmsmadesimple/admin/addhtmlblob.php on line 165 contains a post-authentication reflected XSS vulnerability in the htmlblob parameter.
cmsmadesimple/admin/addbookmark.php on lines 92 and 96 contains a post-authentication reflected XSS vulnerability in the title and url parameters.
cmsmadesimple/admin/copystylesheet.php on line 117 contains a post-authentication reflected XSS vulnerability in the stylesheet_name parameter.
cmsmadesimple/admin/copytemplate.php on line 160 contains a post-authentication reflected XSS vulnerability in the template_name parameter.
cmsmadesimple/admin/editbookmark.php on lines 117 and 121 contains a post-authentication reflected XSS vulnerability in the title and url parameters.
cmsmadesimple/admin/listtemplates.php on line 188 contains a post-authentication persistent XSS vulnerability in the template parameter.
cmsmadesimple/admin/listcss.php on line 172 contains a post-authentication persistent XSS vulnerability in the css_name parameter.

Impact

A remote attacker that is able to trick a logged in administrative user in to visiting a specially crafted URL may be able to conduct a cross-site scripting attack. This attack may result in information leakage, privilege escalation, and/or denial of service.

Solution

We are currently unaware of a practical solution to this problem.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
CMS Made SimpleAffected20 Jan 201427 Feb 2014
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base 4.9 AV:N/AC:M/Au:S/C:P/I:P/A:N
Temporal 3.7 E:U/RL:U/RC:UC
Environmental 0.9 CDP:N/TD:L/CR:ND/IR:ND/AR:ND

References

Credit

Thanks to Pedro Ribeiro of Agile Information Security for reporting this vulnerability.

This document was written by Chris King.

Other Information

  • CVE IDs: CVE-2014-0334
  • Date Public: 28 Feb 2014
  • Date First Published: 28 Feb 2014
  • Date Last Updated: 28 Feb 2014
  • Document Revision: 20

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.