
Fork CMS 3.2.7 Multiple HTML Code Injection Vulnerabilities

Medium
Advisory ID
ZSL-2012-5076
Release Date
06 March 2012
Vendor
Affected Version
3.2.7 and 3.2.6
CVE
N/A
Tested On
Microsoft Windows XP Professional SP3 (EN), Apache 2.2.21, PHP 5.3.9, MySQL 5.5.20
Summary

Fork is an open source CMS that will rock your world.

Description

Fork CMS suffers from multiple XSS vulnerabilities when handling user input supplied to several parameters in different scripts via the POST and GET methods. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.

Proof of Concept
Disclosure Timeline
04.03.2012 Vendor notified.
06.03.2012 Public security advisory released.
12.03.2012 Vendor releases versions 3.3.0 and 3.3.1 to address these issues.
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
06.03.2012 Initial release
07.03.2012 Added references [3], [4], [5] and [6]
10.03.2012 Added reference [7]
12.03.2012 Added vendor status and references [8] and [9]
16.03.2012 Added references [10], [11], [12], [13], [14] and [15]