Go to your admin panel:
http://192.168.64.106/wolfcms/?/admin/login and click 'Forgot password'.
Now put your XSS code in the forgot[email] parameter (the forgot-email field of that form). The value is handled here:
./wolf/app/controllers/LoginController.php:154:
return $this->_sendPasswordTo($_POST['forgot']['email']);
and
./wolf/app/views/login/forgot.php:61:
<input class="long" id="forgot-email" type="text" name="forgot[email]" value="<?php echo $email; ?>" />
The submitted address is echoed straight into the value attribute without any escaping, and that's how a reflected XSS attack is possible here.
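As an added example (not code from the WolfCMS project), here is the forgot.php input rendered the way the original does it, beside a hardened version that escapes for the HTML attribute context; the function names and the sample input are my own.

```php
<?php
// Added example, not WolfCMS code: the forgot-password input rendered
// the way forgot.php does it (unescaped) and the hardened way.

// Vulnerable form: $email is concatenated straight into the attribute,
// so a double quote in the submitted value terminates the attribute and
// whatever follows is parsed as markup.
function renderForgotInputUnsafe(string $email): string
{
    return '<input class="long" id="forgot-email" type="text" '
         . 'name="forgot[email]" value="' . $email . '" />';
}

// Hardened form: encode for the attribute context. ENT_QUOTES encodes both
// quote characters; ENT_SUBSTITUTE keeps htmlspecialchars() from returning
// an empty string on invalid UTF-8, which would silently drop the value.
function renderForgotInputSafe(string $email): string
{
    $safe = htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return '<input class="long" id="forgot-email" type="text" '
         . 'name="forgot[email]" value="' . $safe . '" />';
}

// Defence in depth on the controller side: only reflect a value that is
// actually an e-mail address; otherwise reflect nothing.
function emailToReflect(string $submitted): string
{
    return filter_var($submitted, FILTER_VALIDATE_EMAIL) === false ? '' : $submitted;
}

// Constructed input (not a payload): one quote and a pair of angle brackets
// are enough to show whether the attribute boundary survives rendering.
$submitted = 'user"name<at>example.org';

echo renderForgotInputUnsafe($submitted), "\n";   // quote ends the attribute early
echo renderForgotInputSafe($submitted), "\n";     // quote and brackets are entity-encoded
echo renderForgotInputSafe(emailToReflect($submitted)), "\n"; // invalid address: empty value
```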