← Advisories

BGS CMS v2.2.1 Multiple Stored Cross-Site Scripting Vulnerabilities

Medium
Advisory ID
ZSL-2012-5084
Release Date
11 April 2012
Vendor
BGSvetionik - http://www.bgs-cms.com
Affected Version
2.2.1
CVE
N/A
Tested On
Apache 2.2.22, PHP 5.3.10
Summary

BGS CMS is powerful Content Management System used to easily publish, manage and organize wide variety of content on the website.

Description

BGS CMS suffers from multiple stored and reflected XSS vulnerabilities when parsing user input to several parameters via GET and POST method (post-auth). Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.

Proof of Concept
bgscms_xss.htmlTXT
Disclosure Timeline
05.04.2012Vulnerabilities discovered.
05.04.2012Initial contact with the vendor.
10.04.2012No response from the vendor.
11.04.2012Public security advisory released.
Credits
Vulnerability discovered by Gjoko Krstic
References
[1]http://cxsecurity.com/issue/WLB-2012040095
[2]http://secunia.com/advisories/38597/
[3]http://packetstormsecurity.org/files/111758/BGS-CMS-2.2.1-Cross-Site-Scripting.html
[4]http://www.securityfocus.com/bid/52983
[5]http://xforce.iss.net/xforce/xfdb/74839
[6]http://www.osvdb.org/show/osvdb/81115
Changelog
11.04.2012Initial release
12.04.2012Added reference [2], [3] and [4]
14.04.2012Added reference [5]
16.04.2012Added reference [6]