Decoding CISA Known Exploited Vulnerabilities
Back to all zero days

Reflected Cross-Site Scripting (XSS) in SilverStripe CMS & Framework

Affected Vendor

SilverStripe

Status

Fixed

Date

Nov 5, 2015

High Severity

Description

A cross-site scripting (XSS) attack can cause arbitrary code (javascript) to run in a user’s browser while the browser is connected to a trusted web site. The application targets your users and not the application itself, but it uses your application as the vehicle for the attack. XSS payload is executed when the user tries to modify the value of the following mentioned variable in SilverStripe CMS & Framework v3.2.0 on 2 Places, whereas listed below along with screenshots for better understanding.

 1. Locale

 2. FailedLoginCount

Proof of concept: (POC)

Issue 1: The POST Request of the variable Locale in the new member form is vulnerable to XSS.

A screenshot of a social media post

Descxxxription automatically generated

Figure 1: XSS payload was injected in the Locale variable.

A screenshot of a social media post

Descxxxription automatically generated

Figure 2: Injected payload was executed in the browser

Issue 2: The POST Request of the variable FailedLoginCount in the new member form is vulnerable to XSS

A screenshot of a social media post

Descxxxription automatically generated

Figure 01: XSS payload is injected in the Locale variable.

A screenshot of a cell phone

Descxxxription automatically generated

Figure 02: Injected payload was executed in the browser

 

Impact

User’s session cookie & end-user files disclosure. 

Hijack the user’s session & take over the account. 

Installation of Trojan horse programs. 

Redirection of the user to some other page or site. 

Modification to the presentation of content

Remediations

Download the patch release advised as per the vendor.

Timeline

Nov 05, 2015: Vulnerability Disclosure in SilverStripe CMS & Framework and Reported

Nov 11, 2015: Vendor Response

Nov 16, 2015: Vendor Released Fix

Dec 12, 2015: Public disclosed

Dec 17, 2015: CVE Assigned

Discovered by

Cyber Security Works Pvt. Ltd. 


  • Affected VendorSilverStripe
  • Bug NameReflected Cross-Site Scripting (XSS)
  • CVE NumberCVE-2015-8606
  • CWE IDCWE - 79
  • CSW ID2015-CSW-09-1009
  • CVSSv3 Score6.1
  • Affected Version3.2.0
  • SeverityHigh
  • Affected ProductSilverStripe
fb icon twitter icon insta icon

Talk to CSW's team of experts to secure your landscape.