Title: HTB23137: Cross-Site Scripting (XSS) vulnerability in gpEasy
Post by: AndyP on January 25, 2013, 02:23:02 AM
Advisory ID: HTB23137
Vulnerable Versions: 3.5.2 and probably prior
Tested Version: 3.5.2
Vendor Notification: January 2, 2013
Vendor Fix: January 2, 2013
Public Disclosure: January 23, 2013
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2013-0807
Risk Level: Low
CVSSv2 Base Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab
High-Tech Bridge Security Research Lab discovered a vulnerability in gpEasy, which can be exploited to perform Cross-Site Scripting (XSS) attacks.
1) Cross-Site Scripting (XSS) in gpEasy: CVE-2013-0807
The vulnerability exists due to insufficient sanitisation of user-supplied data in the "section" HTTP GET parameter passed to the "index.php" script. A remote attacker can trick a logged-in administrator into opening a specially crafted link and execute arbitrary HTML and script code in the browser in the context of the vulnerable website.
Upgrade the "include/tool/editing_page.php" script to the latest version from GitHub.
High-Tech Bridge Advisory HTB23137 - https://www.htbridge.com/advisory/HTB23137 - Cross-Site Scripting (XSS) vulnerability in gpEasy.
gpEasy - http://gpeasy.com - gpEasy is a complete and easy to use Content Management System written in PHP.
Common Vulnerabilities and Exposures (CVE) - cve.mitre.org - international in scope and free for public use, CVE® is a dictionary of publicly known information security vulnerabilities and exposures.
Common Weakness Enumeration (CWE) - cwe.mitre.org - targeted to developers and security practitioners, CWE is a formal list of software weakness types.
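
A log-triage check for the issue described in this advisory, added here as an example and not part of the original advisory or of gpEasy's code: it flags requests to "index.php" whose "section" parameter decodes to HTML metacharacters, including double-encoded values. The combined access-log format, the sample log lines and all function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Request line of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|HEAD) (\S+) HTTP/[\d.]+"')
# Characters needed to break out of an HTML attribute or open a tag.
HTML_META = re.compile(r'[<>"\']')

# Constructed sample lines (not real traffic); payloads are harmless markup.
SAMPLE_LOG = [
    '203.0.113.5 - - [25/Jan/2013:02:00:01 +0000] "GET /index.php/Home?section=2 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [25/Jan/2013:02:00:07 +0000] "GET /index.php?section=%22%3E%3Cb%3Etest HTTP/1.1" 200 5301',
    '203.0.113.9 - - [25/Jan/2013:02:00:09 +0000] "GET /index.php?section=%2522%253E%253Cb%253Etest HTTP/1.1" 200 5301',
    '203.0.113.7 - - [25/Jan/2013:02:00:11 +0000] "GET /about.php?section=%3Cb%3E HTTP/1.1" 404 210',
]

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly (bounded) so double-encoded input is caught."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_section(line):
    """Return the decoded 'section' value if it holds HTML metacharacters, else None."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    if "index.php" not in url.path:
        return None
    # parse_qsl performs the first round of percent-decoding itself.
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name == "section":
            decoded = fully_decode(value)
            if HTML_META.search(decoded):
                return decoded
    return None

def scan(lines):
    """Return (line_number, decoded_value) for every flagged request."""
    hits = ((n, suspicious_section(line)) for n, line in enumerate(lines, 1))
    return [(n, value) for n, value in hits if value is not None]

if __name__ == "__main__":
    for lineno, value in scan(SAMPLE_LOG):
        print(f"line {lineno}: section={value!r}")
```

Hits in logs from before the vendor fix was applied are worth correlating with administrator sessions, since the advisory's scenario requires a logged-in administrator to open the link.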