Software: OpenCMS
Version: <=6.2.1
Type: Cross site scripting
Date: June, 10th 2006
Vendor: Alkacon Software GmbH
Page: http://www.alkacon.com
http://www.opencms.org/opencms/en/
Discovered by: David "Aesthetico" Vieira-Kurz
http://www.majorsecurity.de
http://www.majorsecurity.de/advisory/major_rls11.txt
OpenCMS 6.2.1 and prior
OpenCms is a professional level Open Source Website Content Management System.
register_globals = On
Input passed to the search inputbox/query is not properly verified.
This can be exploited to accomplish cross site sctipting attacks.
Edit the source code to ensure that input is properly sanitised.
You should work with "htmlspecialchars()" or "strip_tags()" php-function to ensure that html tags
are not going to be executed.
Example:
<?php
echo htmlspecialchars("<script");
?>
Set "register_globals" to "Off".
Goto the search query/inputbox and type in following line as searchword:
<script>alert("MajorSecurity")</script>