Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 29 Nov 2015 09:55:29 -0500 (EST)
From: cve-assign@...re.org
To: bscarvell@....net
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: XSS to RCE in PHP-Fusion 9

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> I discovered a stored XSS vulnerability in PHP-Fusion 9

> This breaks a trust boundary as a user with access to only the robots.txt
> editor can use this to escalate their privileges, read files or gain a
> reverse TCP shell on the server.

> The robots.txt editor fails to sanitize the robots.txt file content as it
> loads the <textarea> content.

> https://gist.github.com/bscarvell/57f82000bf823071404e
> https://github.com/php-fusion/PHP-Fusion/commit/f1a5fce791e2392d5a23a6d62ab65c481cdd6a66

Use CVE-2015-8375.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWWxF1AAoJEL54rhJi8gl52OgP/03FYNypbRsa/2VSs+EM0AYn
2aQEPy+BXrmWiIs9Vcuj/ezzlifJaq7KyneXL+KptCvtYsUDFhIzsKgoJOmsitHR
l1rJlBeLd97RLjYydIBRgPN7jciP8Y1yMy92NFj+BtuCVVmShWSDm4aMsT5Tu6qD
PmDiaKublDrNeMrVKUKVel7PNLlqbBTVq9aDK+yWc1GW/q9mf9k2m9wOJibM0uOX
KaOXk7t5sJA74rq0xjagL4QMOgaTS5maGHXepaUNDUlJwU2+WH8cJgxgaeRnJkjI
6/vqZieX7/d+/8Yhcsxuuc8wCFA1lmMyqvna6HUobhEI1QD25FGKa7lgaCqD7uzF
042IAkOYSAgV0YLQgqudH/wK55iBHOCZqhvwW635kz6nEba2aYJuD34ejDytr9qj
lKrqjtB0dIM3fjwEfD+gdiTsOjUc8S/obde2LHZf1b4LjwVXfhXTcBLh8zR9yVWS
334Lc+qXdtBuHrkQ03e549jAhDTO5RzU47vvPLaPhyRNf7A9V1MtBvYhdR5/nGTr
2mYKZl+maFFgXuqaoDS2hbvLGC3ZRK54a+vrpvCk226rhyRYRLTLTFPwGBtO0+1a
37fA62qEhD5xlx6zhwvdCHoocQws2iJoPPvSbJJL2XjasR+lDcsrvavnemUgC3ty
KQd5Jont7rwsrdGid64B
=GKmD
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ