Friday, December 6, 2013

HTB23184: Cross-Site Scripting (XSS) in Jamroom

Jamroom, a social media platform, version 5.0.2 is vulnerable to cross-site scripting (XSS) attacks. Details are disclosed by High-Tech Bridge Security Research Lab.

The XSS vulnerability exists due to insufficient sanitisation of user-supplied data in the "search_string" HTTP POST parameter passed to URLs like "/search/results/all/1/4". A remote attacker can trick a logged-in user into opening a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.

The exploitation example below uses the JavaScript "alert()" function to display the word "immuniweb":
<form action="http://[host]/search/results/all/1/4" method="post" name="main">
<input type="hidden" name="search_string" value='" onmouseover="javascript:alert("immuniweb");'>
<input type="submit" id="btn">
</form>

Solution: Update the Jamroom Search module to version 1.1.1.
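
The attribute breakout behind this issue and the output-encoding fix, as an added example (not Jamroom's code and not part of the original advisory). The `<input>` template and all function names are assumptions; the payload string is the one from the proof of concept above.

```python
from html import escape
from html.parser import HTMLParser

# Payload string taken from the advisory's proof of concept.
POC = '" onmouseover="javascript:alert("immuniweb");'

# Assumed template: the search term echoed back into a double-quoted attribute.
TEMPLATE = '<input type="text" name="search_string" value="%s">'


def render_unsafe(search_string: str) -> str:
    """Reflect the parameter without encoding (the vulnerable pattern)."""
    return TEMPLATE % search_string


def render_safe(search_string: str) -> str:
    """Same template, with the value HTML-encoded for attribute context."""
    return TEMPLATE % escape(search_string, quote=True)


class _InputAttrs(HTMLParser):
    """Records the attributes a parser sees on the first <input> tag."""

    def __init__(self):
        super().__init__()
        self.attrs = None

    def handle_starttag(self, tag, attrs):
        if tag == "input" and self.attrs is None:
            self.attrs = dict(attrs)


def parsed_attrs(markup: str) -> dict:
    parser = _InputAttrs()
    parser.feed(markup)
    parser.close()
    return parser.attrs or {}


def event_handlers(markup: str) -> list:
    """Names of on* attributes on the rendered input; must be empty."""
    return sorted(n for n in parsed_attrs(markup) if n.startswith("on"))


if __name__ == "__main__":
    for render in (render_unsafe, render_safe):
        out = render(POC)
        print(render.__name__, event_handlers(out), repr(parsed_attrs(out).get("value")))
```

The `event_handlers` check can be reused as a regression test: feed it the rendered search results page for a set of quote-bearing inputs and fail the build if any `on*` attribute appears.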
