PHPMailer 'code_generator.php' Cross Site Scripting Vulnerability

PHPMailer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.

Information

Bugtraq ID: 99293
Class: Input Validation Error
CVE: CVE-2017-11503

Remote: Yes
Local: No
Published: Jun 25 2017 12:00AM
Updated: Nov 23 2017 06:08AM
Credit: Shahab Shamsi
Vulnerable: Typo3 Multishop 5.0.0
PHPMailer PHPMailer 5.2.20
PHPMailer PHPMailer 5.2.19
PHPMailer PHPMailer 5.2.18
PHPMailer PHPMailer 5.2.14
PHPMailer PHPMailer 5.2.13
PHPMailer PHPMailer 1.7.3
PHPMailer PHPMailer 1.7.2
PHPMailer PHPMailer 1.7.1
PHPMailer PHPMailer 1.7
PHPMailer PHPMailer 5.2.22
PHPMailer PHPMailer 5.0.0
PHPMailer PHPMailer 1.73
+ Glpi-Project Glpi 0.68.3

Not Vulnerable: Typo3 Multishop 5.0.1
PHPMailer PHPMailer 5.2.23

Exploit

Attackers can exploit these issues by enticing an unsuspecting victim to follow a malicious URI.

References:

• PHPMailer Home Page (PHPMailer)
  
• TYPO3-EXT-SA-2017-014: Cross Site-Scripting in extension 'Multishop' (multishop) (TYPO3)
  

Source: www.securityfocus.com