XSS Vulnerability in Multiple eMLi Products


      

            A Cross-Site Scripting vulnerability in core-eMLi in eMLi V1.0 allows an attacker to send malicious code, generally in the form of a browser-side script, to a different end user.

 

What is Cross Site Scripting?

            Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.

Impact Scenario : 

     1. Account Hijacking
     2. Website Defacement
     3. Stealing Credentials
     4. Sensitive Data Leak

Affected Versions :
 
     eMLi : School Management - 1.0
     eMLi : College Campus Management - 1.0
     eMLi : University Management - 1.0

Vulnerability Reproduction Steps (POC):


     Step 1: Visit the URL of any affected version.

     Step 2: Log in to the student portal.

     Step 3: Replace the URL with this:

     [host]/core-emli/code/student_portal/home.php?page=%08x.%08x.%08x.%08x.%08x%3Cscript%3Ealert%28String.fromCharCode%2888%2C%2083%2C%2083%29%29%3C%2fscript%3E

     Step 4: The final URL displays a dialog box with the label XSS on the web page. An attacker can gain access to the whole system with a specially crafted malicious script.
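
The flaw class described above, user input placed in the output "without validating or encoding it", shown beside a hardened form for a `page` query parameter. This is an added example, not eMLi source code: the function names, the allowlist values and the way `page` reaches the response are assumptions.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical handler, not taken from eMLi.
// Assumed allowlist of views that home.php may load through ?page=.
const ALLOWED_PAGES = ['dashboard', 'attendance', 'results'];

/** Encode untrusted text for an HTML body or a quoted attribute value. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Vulnerable pattern: the raw parameter is concatenated into the response. */
function render_unsafe(array $query): string
{
    $page = $query['page'] ?? '';
    return '<h2>Page: ' . $page . '</h2>';
}

/** Hardened pattern: validate against the allowlist, then encode on output. */
function render_safe(array $query): string
{
    $page = $query['page'] ?? 'dashboard';
    // Reject array input (?page[]=x) and any value not on the allowlist.
    if (!is_string($page) || !in_array($page, ALLOWED_PAGES, true)) {
        $shown = is_string($page) ? $page : '';
        return '<h2>Unknown page: ' . h($shown) . '</h2>';
    }
    return '<h2>Page: ' . h($page) . '</h2>';
}

// Constructed input: the script portion of the step 3 query string,
// decoded the same way PHP populates $_GET.
parse_str(
    'page=%3Cscript%3Ealert%28String.fromCharCode%2888%2C%2083%2C%2083%29%29%3C%2fscript%3E',
    $query
);

echo render_unsafe($query), PHP_EOL; // the <script> element reaches the browser intact
echo render_safe($query), PHP_EOL;   // the same value arrives as inert &lt;script&gt; text
```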



Notes :

  • The Common Vulnerabilities and Exposures (CVE) project has assigned the ID CVE-2017-7621 to this issue. This is an entry on the CVE List, which standardizes names for security problems.
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7621
  • CVE ID: CVE-2017-7621
  • In case of any doubts please contact me on unqdrms [at] gmail [dot] com
