Web Application Security
[CVE-2012-6458] Multiple Persistent XSS in silverstripe-ecommerce Jul 14 2013 03:42PM
Craig Young (vuln-report secur3 us)
I am writing to inform you of multiple persistent XSS issues within
the ecommerce module
(https://code.google.com/p/silverstripe-ecommerce/) of SilverStripe
CMS. These issues have been fixed without a corresponding release
note or other indication of a security advisory. The author has been
unresponsive about what version numbers contain the fixes so I am
instead posting a link to the fix in case anyone wants to check/patch
their site.

https://code.google.com/p/silverstripe-ecommerce/source/detail?r=3739

Specifically there were some places where user-controlled profile
values were rendered without being sanitized. This could be exploited
by an attacker who establishes an account using their victim's email
address or an attacker who gains access to their victim's account by
any other means. In these situations the attacker could insert XSS
payloads which would execute if the victim subsequently logs into the
account. The issue is tracked as CVE-2012-6458.

Thanks,
Craig Young
@CraigTweets

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus