#2 Vulnerability in version <= 1.20

closed-fixed
nobody
None
5
2009-10-13
2009-01-11
Anonymous
No

XSS vulnerability on CMME version <= 1.20.
An attacker can inject HTML code inside login page.
1) Go to admin.php
2) In username insert HTML code (ex: <script>alert('I ve injected this');</script> and for password anything you want
3) Press "Login" button and code will be executed

You should not put in output what user wrote.
Please fix in next release.

Regards from italy
R00T_ATI
r00t.ati@gmail.com

Discussion

    • status: open --> closed-accepted
     
  • Thanks! I'll fix this in version 1.22.

     
    • status: closed-accepted --> closed-fixed