← Advisories

CMSLogik 1.2.1 Multiple Persistent XSS Vulnerabilities

Medium
Advisory ID
ZSL-2013-5136
Release Date
14 April 2013
Vendor
ThemeLogik - http://www.themelogik.com/cmslogik
Affected Version
1.2.1 and 1.2.0
CVE
CVE-2013-3535
Tested On
Router Webserver
Summary

CMSLogik is built on a solid & lightweight framework called CodeIgniter, and design powered by Bootstrap. This combination allows for greater security, extensive flexibility, and ease of use. You can use CMSLogik for almost any niche that your project might fall into.

Description

CMSLogik suffers from multiple stored XSS vulnerabilities when parsing user input to several parameters via POST method. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.

Proof of Concept
cmslogik_xss.txtTXT
Disclosure Timeline
05.04.2013Vulnerability discovered.
05.04.2013Contact with the vendor.
05.04.2013Vendor replies asking more details.
05.04.2013Sent detailed information to the vendor.
08.04.2013Vendor confirms the issues promising patch.
14.04.2013Public security advisory released.
Credits
Vulnerability discovered by Gjoko Krstic
References
[1]http://cxsecurity.com/issue/WLB-2013040105
[2]http://www.exploit-db.com/exploits/24959/
[3]http://packetstormsecurity.com/files/121303
[4]http://osvdb.org/show/osvdb/92322
[5]http://osvdb.org/show/osvdb/92323
[6]http://osvdb.org/show/osvdb/92324
[7]http://osvdb.org/show/osvdb/92325
[8]http://osvdb.org/show/osvdb/92326
[9]http://xforce.iss.net/xforce/xfdb/83429
[10]http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-3535
[11]http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3535
Changelog
14.04.2013Initial release
15.04.2013Added reference [1] and [2]
16.04.2013Added reference [3], [4], [5], [6], [7] and [8]
19.04.2013Added reference [9]
14.05.2013Added reference [10] and [11]