Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:29565
HistoryJul 15, 2013 - 12:00 a.m.

[Foreground Security 2013-001]: Joomla AICONTACTSAFE 2.0.19 Extension Cross-Site Scripting (XSS) vulnerability

2013-07-1500:00:00
vulners.com
89
JSON

Joomla AICONTACTSAFE 2.0.19 Extension Cross-Site Scripting (XSS) vulnerability

FOREGROUND SECURITY, SECURITY ADVISORY 2013-001

  • Original release date: July 10, 2013
  • Discovered by: Adam Willard (Software Security Analyst at Foreground Security)
  • Verified by: Jose Carlos de Arriba (Pentest Team Manager at Foreground Security)
  • Contact: (awillard (at) foregroundsecurity (dot) com)
  • Severity: 4.3/10 (Base CVSS Score)
    ============================================================

I. VULNERABILITY

Algis Info aiContactSafe Extension 2.0.19 (latest) Cross-Site Scripting (XSS) vulnerability - (prior versions have not been checked but could be vulnerable too).

II. BACKGROUND

Algis Info aiContactSafe is a native Joomla component developed by Algis Info.
You can use it to place a complex contact form on your web page.
Here are some of the facilities that it can offer:

  • custom fields
  • captcha
  • custom text related to the contact informations
  • multilingual support ( through Joomfish )
  • SEFthrough Artio JoomSEF or sh404SEF

III. DESCRIPTION

Algis Info aicontactsafe 2.0.19 (latest) Extension presents a Cross-Site Scripting (XSS) vulnerability in the "url" due to an insufficient input/output sanitization.
A malicious user could perform session hijacking or phishing attacks.

IV. PROOF OF CONCEPT

(This section has been removed per vendor request).

V. BUSINESS IMPACT

An attacker could perform session hijacking or phishing attacks.

VI. SYSTEMS AFFECTED

Joomla Extension, AlgisInfo com_aicontactsafe_2_0_19_stable Extension (prior versions have not been checked but could be vulnerable too).

VII. SOLUTION

Fixed on 2.0.21.stable version release.

VIII. REFERENCES

http://www.algisinfo.com/
http://www.foregroundsecurity.com/

IX. CREDITS

This vulnerability has been discovered by Adam Willard (awillard (at) foregroundsecurity (dot) com), verification and release coordination by Jose Carlos de Arriba (jcarriba (at) foregroundsecurity (dot) com).

X. REVISION HISTORY

  • July 10, 2013: Initial release.

XI. DISCLOSURE TIMELINE

April 2, 2013: Vulnerability discovered by Adam Willard.
April 3, 2013: Vulnerability verified by Jose Carlos de Arriba.
April 15: AlgisInfo aiContactSafe Author contacted by email.
April 15: Response from author and security advisory sent to him.
April 16: Vulnerability fixed on 2.0.21.stable version release
July 10: Security advisory released

XII. LEGAL NOTICES

The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise.

Jose Carlos de Arriba, CISSP
Pentest Team Manager
Foreground Security
305-340-9964
jcarriba (at) foregroundsecurity . com
www.foregroundsecurity.com

JSON