← Advisories

Subrion CMS 2.2.1 Multiple Remote XSS POST Injection Vulnerabilities

Medium

Advisory ID

ZSL-2012-5105

Release Date

11 September 2012

Vendor

Intelliants LLC - http://www.subrion.com

Affected Version

2.2.1

CVE

CVE-2011-5211, CVE-2012-5452, CVE-2012-4771

Tested On

Microsoft Windows 7 Ultimate SP1 (EN), Apache 2.4.2 (Win32), PHP 5.4.4, MySQL 5.5.25a

Summary

Subrion is a free open source content management system. It's written in PHP 5 and utilizes MySQL database. Subrion CMS can be easily integrated into your current website or used as a stand alone platform. It's extremely flexible and scalable php system that stands for a content management framework.

Description

Subrion CMS suffers from multiple stored and reflected cross-site scripting vulnerabilities. The issues are triggered when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Proof of Concept

subrion_xss.txtTXT

Disclosure Timeline

05.09.2012Vulnerabilities discovered.

06.09.2012Contact with the vendor.

07.09.2012Vendor responds asking more details.

07.09.2012Sent detailed information to the vendor.

10.09.2012Vendor creates patch.

11.09.2012Vendor releases version 2.2.2 to address these issues.

11.09.2012Coordinated public security advisory released.

Credits

Vulnerability discovered by Gjoko Krstic