| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAFQNZ6q7oN=ZPSc6oC8Uu=QjViS5eh9bx0JgvYkUSkf=yBAiqg@mail.gmail.com> Date: Fri, 29 May 2015 13:09:06 +0200 From: "NaxoneZ ." <naxonez@...il.com> To: fulldisclosure@...lists.org Subject: [FD] CVE-2015-3935 HTML Injection in Dolibarr # Title: HTML Injection in dolibarr # Author: Sergio Galán - @NaxoneZ # Date: May 20,2015 # Vendor Homepage: *http://www.dolibarr.es/ <http://www.dolibarr.es/>* # Vulnerable version: 3.5 / 3.6 # CVE: CVE-2015-3935 Dolibarr no properly escape untrusted data to prevent injection [*] Page affected - dolibarr-3.7.0/htdocs/societe/societe.php - dolibarr-3.7.0/htdocs/societe/admin/societe.php [*] Fields affected - Bussiness Search (search_nom) (many others can be affected) [*] Poc You only need to inject the script code in this field like a: "> < img src='http://www.xxx.com > More Info ======= https://github.com/Dolibarr/dolibarr/issues/2857 Fixed ======= https://github.com/GPCsolutions/dolibarr/commit/a7f6bbd316e9b96216e9b2c7a065c9251c9a8907 _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists