![]() Improper neutralization of input during web page generation leads to cross-site scripting in elFinder file manager versions ≤ 2.1.31. Additional hat tip to MLT, 0xFFFF member who told me that Subrion would likely be a good CMS to use for my research. Shout out to Trustwave SpiderLabs and Sakura Samurai member Higinio Ochoa who bravely volunteered to click my elFinder exploitation link multiple times while troubleshooting for this write-up. This writeup identifies a cross-site scripting vulnerability in an additional elFinder version, leading to the revision of the current CVE. We identified the vulnerabilities as part of individual security research, and Subrion's Content Management System's (CMS) use of elFinder led to the discovery of this CVE. So, software engineers should make a determination about the authentication requirements for their integrations. Organizations with user-permissions-based elFinder deployments or unauthenticated implementations are at a much higher risk of exploitation. As a result, the scope of the impact of the elFinder stored XSS vulnerability is not currently known as organizations could potentially deploy it both as an authenticated or unauthenticated component. Integrations aren't limited to only those web applications, as organizations could deploy the code as they see fit. Organizations should note that elFinder can integrate into many web applications such as Django, Drupal, Laravel, Roundcube, Subrion, Symfony, Tiki Wiki, Wordpress, XOOPS, Yii & Zenphoto. The vulnerability can result in the theft of user credentials, tokens, and the ability to execute malicious JavaScript in the user's browser.Īny organization utilizing an out-of-date elFinder component on its web application could be affected. A stored cross-site scripting vulnerability, tracked as CVE-2021-45919, was identified in elFinder File Manager. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |