HackDig : Dig high-quality web security articles for hacker

SimpleRisk v20170416-001 Reflected XSS Vulnerabilities

2017-06-21 12:20
Title: SimpleRisk v20170416-001 Reflected XSS Vulnerabilities
Advisory ID: ZSL-2017-5414
Type: Local/Remote
Impact: Cross-Site Scripting
Risk: (3/5)
Release Date: 21.06.2017
Summary
SimpleRisk is an open-source risk management system releasedunder Mozilla Public License and used for risk management activities.It enables risk managers to account for risks, plan mitigation measures,facilitate management reviews, prioritize for project planning, and trackperiodic reviews.
Description
SimpleRisk suffers from two reflected cross-site scripting vulnerabilitieswhen input passed via 'draw' POST parameter and the 'PHP_SELF' variable is notproperly sanitized before being returned to the user. This can be exploited toexecute arbitrary HTML and script code in a user's browser session in context ofan affected site.
Vendor
SimpleRisk, LLC - https://www.simplerisk.com
Affected Version
20170416-001
20170108-001
20170102-001
Tested On
PHP/5.5.9-1ubuntu4.20
Apache/2.4.7 (Ubuntu)
MySQL 14.14 (Distrib 5.5.53 for debian-linux-gnu)
Ubuntu 14.04.5 LTS
Vendor Status
[05.06.2017] Vulnerability discovered.
[05.06.2017] Vendor contacted.
[05.06.2017] Vendor responds asking more details.
[05.06.2017] Sent details to the vendor.
[05.06.2017] Working with the vendor.
[07.06.2017] Vendor provides patch for verification.
[07.06.2017] Vendor informed that the patch is verified, vulnerabilities fixed.
[07.06.2017] Working with the vendor.
[14.06.2017] Vendor releases version 20170614-001 to address these issues.
[21.06.2017] Coordinated public security advisory released.
PoC
simplerisk_xss.html
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
High five to Josh!
References
[1] https://simplerisk.freshdesk.com/helpdesk/tickets/2497
[2] https://github.com/simplerisk/documentation/raw/master/SimpleRisk%20Release%20Notes%2020170614-001.pdf
[3] https://www.simplerisk.com/contributors
Changelog
[21.06.2017] - Initial release
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk


Source: php.4145-7102-LSZ/seitilibarenluv/ne/km.ecneicsorez.www

Read:1424 | Comments:0 | Tags: Xss

“SimpleRisk v20170416-001 Reflected XSS Vulnerabilities”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud