Advisory ID: HTB23204
Product: Open Classifieds
Vendor: Open Classifieds Team
Vulnerable Version(s): 2-2.1.2 and probably prior
Tested Version: 2-2.1.2
Advisory Publication: February 19, 2014 [without technical details]
Vendor Notification: February 19, 2014
Vendor Patch: February 20, 2014
Public Disclosure: March 12, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-2024
Risk Level: Medium
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab ( https://www.htbridge.com/advisory/ )

-----------------------------------------------------------------------------------------------

Advisory Details:

High-Tech Bridge Security Research Lab discovered a vulnerability in Open Classifieds, which can be exploited to perform Cross-Site Scripting (XSS) attacks.

1) Cross-Site Scripting (XSS) in Open Classifieds: CVE-2014-2024

The vulnerability exists due to insufficient sanitisation of user-supplied data passed via the URI to the "/shared-apartments-rooms/" URL. A remote attacker can trick a logged-in user into opening a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
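The following is an added Python illustration of the bug class described above; it is not code from Open Classifieds or from the advisory. It reproduces a request path being reflected into the page's <title> without escaping (which is what lets "</title>" in the path close the element), shows the standard fix of entity-encoding the value, and adds a defender's check that percent-decodes a request URI before looking for a title breakout. The template shape, function names and sample path are assumptions.

```python
import html
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# Constructed sample path: the advisory's proof-of-concept after
# percent-decoding (%22 -> "), minus the host part.
CRAFTED_PATH = '/shared-apartments-rooms/</title><script>alert("immuniweb")</script>'

# Assumed template shape; Open Classifieds' real template is not on the page.
TEMPLATE = "<html><head><title>Listings: {}</title></head><body></body></html>"

def render_title_unsafe(path: str) -> str:
    """Vulnerable pattern: the request path lands in <title> unescaped,
    so "</title>" in the path closes the element and what follows is markup."""
    return TEMPLATE.format(path)

def render_title_safe(path: str) -> str:
    """Hardened pattern: entity-encode < > & " ' before the value reaches HTML.
    The browser then displays the characters in the title instead of parsing them."""
    return TEMPLATE.format(html.escape(path, quote=True))

class _ScriptCounter(HTMLParser):
    """Counts <script> start tags the HTML parser actually sees as elements."""
    def __init__(self) -> None:
        super().__init__()
        self.scripts = 0

    def handle_starttag(self, tag, attrs) -> None:
        if tag == "script":
            self.scripts += 1

def count_script_elements(document: str) -> int:
    """0 means the reflected value stayed text; >0 means it became markup."""
    counter = _ScriptCounter()
    counter.feed(document)
    counter.close()
    return counter.scripts

# Detection side: a title breakout or a script tag inside the request path.
_BREAKOUT = re.compile(r"</title\s*>|<script\b", re.IGNORECASE)

def flag_suspicious_uri(request_uri: str) -> bool:
    """Percent-decode first so %3C / %22 encodings do not evade the check."""
    return bool(_BREAKOUT.search(unquote(request_uri)))
```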
The exploitation example below uses the JavaScript "alert()" function to display the word "immuniweb":

http://[host]/shared-apartments-rooms/</title><script>alert(%22immuniweb%22)</script>

-----------------------------------------------------------------------------------------------

Solution:

Update to Open Classifieds 2-2.1.3

More Information:
https://github.com/open-classifieds/openclassifieds2/issues/556
https://github.com/open-classifieds/openclassifieds2/commit/45ee8fb601a91b8a4238229580a32a4fd8d96ef9

-----------------------------------------------------------------------------------------------

References:

[1] High-Tech Bridge Advisory HTB23204 - https://www.htbridge.com/advisory/HTB23204 - Cross-Site Scripting (XSS) in Open Classifieds.
[2] Open Classifieds - http://open-classifieds.com - Open Classifieds is web software you can use to create a beautiful classifieds or listings site.
[3] Common Vulnerabilities and Exposures (CVE) - http://cve.mitre.org/ - international in scope and free for public use, CVE® is a dictionary of publicly known information security vulnerabilities and exposures.
[4] Common Weakness Enumeration (CWE) - http://cwe.mitre.org - targeted to developers and security practitioners, CWE is a formal list of software weakness types.
[5] ImmuniWeb® - https://portal.htbridge.com/ - is High-Tech Bridge's proprietary web application security assessment solution with a SaaS delivery model that combines manual and automated vulnerability testing.

-----------------------------------------------------------------------------------------------

Disclaimer: The information provided in this Advisory is provided "as is" and without any warranty of any kind. Details of this Advisory may be updated in order to provide as accurate information as possible. The latest version of the Advisory is available on the web page [1] in the References.