MODx Evolution Cross Site Scripting and SQL Injection Vulnerabilities

Bugtraq ID:	39310
Class:	Input Validation Error
CVE:	CVE-2010-1426 CVE-2010-1427
Remote:	Yes
Local:	No
Published:	Apr 08 2010 12:00AM
Updated:	Oct 14 2010 08:09PM
Credit:	Takeshi Terada of Mitsui Bussan Secure Directions, Inc
Vulnerable:	MODx MODx Evolution 1.0.2
Not Vulnerable:	MODx MODx Evolution 1.0.3

MODx Evolution Cross Site Scripting and SQL Injection Vulnerabilities

MODx Evolution is prone to an SQL-injection vulnerability and cross-site scripting vulnerability.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Versions prior to MODx Evolution 1.0.3 are vulnerable.

MODx Evolution Cross Site Scripting and SQL Injection Vulnerabilities

An attacker can exploit these issues via a browser. To exploit a cross-site scripting issue, the attacker must entice an unsuspecting victim to follow a malicious URI.

MODx Evolution Cross Site Scripting and SQL Injection Vulnerabilities

Solution:
Updates are available. Please see the references for details.

MODx Evolution Cross Site Scripting and SQL Injection Vulnerabilities

References:

• Security updates in MODx Evolution 1.0.3. You really should upgrade. (MODx)
  
• JVN#19774883 MODx vulnerable to SQL injection (JPCERT/CC)
  
• JVN#46669729 MODx vulnerable to cross-site scripting (JPCERT/CC)
  
• MODx Homepage (MODx)