15 lines
No EOL
1 KiB
Text
Executable file
15 lines
No EOL
1 KiB
Text
Executable file
source: http://www.securityfocus.com/bid/52666/info
|
|
|
|
Open Journal Systems is prone to following multiple vulnerabilities because the software fails to sufficiently sanitize user-supplied input:
|
|
|
|
1. An arbitrary-file-deletion vulnerability
|
|
2. A security vulnerability
|
|
3. An arbitrary-file-upload vulnerability
|
|
4. Multiple cross-site scripting vulnerabilities
|
|
|
|
An attacker may leverage these issues to execute arbitrary script code, upload arbitrary files, and execute arbitrary code with administrative privileges. These issues may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
|
|
|
|
Open Journal Systems 2.3.6 is vulnerable; other versions may also be affected.
|
|
|
|
http://www.example.com/lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php?editor=z&callb ack=x;};};alert%2834%29;{{&lang=en
|
|
http://www.example.com/lib/pkp/lib/tinymce/jscripts/tiny_mce/plugin s/ibrowser/ibrowser.php?editor=%27%29;};};alert%2834%29;{{a=x%28%27&callback=iBrowser_callback&a mp;lang=en |