← Advisories

Realtyna RPL 8.9.2 Joomla Extension Persistent XSS And CSRF Vulnerabilities

Medium

Advisory ID

ZSL-2015-5271

Release Date

22 October 2015

Vendor

Realtyna LLC - https://www.realtyna.com

Affected Version

8.9.2

CVE

CVE-2015-7715

Tested On

Apache, PHP/5.4.38

Summary

Realtyna CRM (Client Relationship Management) Add-on for RPL is a Real Estate CRM specially designed and developed based on business process and models required by Real Estate Agents/Brokers. Realtyna CRM intends to increase the Conversion Ratio of the website Visitors to Leads and then Leads to Clients.

Description

The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Multiple cross-site scripting vulnerabilities were also discovered. The issue is triggered when input passed via the multiple parameters is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Proof of Concept

realtyna_xsscsrf.txtTXT

Disclosure Timeline

05.10.2015Vulnerability discovered.

06.10.2015CVE-2015-7714 and CVE-2015-7715 assigned.

07.10.2015Contact with the vendor.

07.10.2015Vendor responded asking for details.

07.10.2015Advisory and details sent to the vendor.

08.10.2015Vendor confirms the vulnerability scheduling patch release date.

21.10.2015Vendor releases version 8.9.5 to address these issues.

22.10.2015Coordinated public security advisory released.

Credits