CVE-2014-7291
CVSS4.3
发布时间 :2014-12-01 10:59:05
修订时间 :2014-12-01 13:09:49
NMCPS    

[原文]Multiple cross-site scripting (XSS) vulnerabilities in api_events.php in Springshare LibCal 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) m or (2) cid parameter.


[CNNVD]Springshare LibCal‘api_events.php’跨站脚本漏洞(CNNVD-201411-532)

        

Springshare LibCal是美国Springshare公司的一套用于图书馆的日历和事件管理平台。该平台支持创建在线客房预订系统、显示图书馆营业时间等。

Springshare LibCal 2.0版本的api_events.php脚本中存在跨站脚本漏洞。远程攻击者可借助‘m’或‘cid’参数利用该漏洞注入任意Web脚本或HTML。

- CVSS (基础分值)

CVSS分值: 4.3 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: MEDIUM [漏洞利用存在一定的访问条件]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-79 [在Web页面生成时对输入的转义处理不恰当(跨站脚本)]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7291
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7291
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201411-532
(官方数据源) CNNVD

- 其它链接及资源

http://xforce.iss.net/xforce/xfdb/99000
(UNKNOWN)  XF  springshare-libcal-cve20147291-xss(99000)
http://tetraph.com/security/cves/cve-2014-7291-springshare-libcal-xss-cross-site-scripting-vulnerability/
(UNKNOWN)  MISC  http://tetraph.com/security/cves/cve-2014-7291-springshare-libcal-xss-cross-site-scripting-vulnerability/
http://seclists.org/fulldisclosure/2014/Nov/90
(UNKNOWN)  FULLDISC  20141127 CVE-2014-7291 Springshare LibCal XSS (Cross-Site Scripting) Vulnerability

- 漏洞信息

Springshare LibCal‘api_events.php’跨站脚本漏洞
中危 跨站脚本
2014-11-28 00:00:00 2014-12-09 00:00:00
远程  
        

Springshare LibCal是美国Springshare公司的一套用于图书馆的日历和事件管理平台。该平台支持创建在线客房预订系统、显示图书馆营业时间等。

Springshare LibCal 2.0版本的api_events.php脚本中存在跨站脚本漏洞。远程攻击者可借助‘m’或‘cid’参数利用该漏洞注入任意Web脚本或HTML。

- 公告与补丁

        目前厂商暂未发布修复措施解决此安全问题,建议使用此软件的用户随时关注厂商主页或参考网址以获取解决办法:
        http://www.springshare.com/libcal/

- 漏洞信息 (F129289)

Springshare LibCal 2.0 Cross Site Scripting (PacketStormID:F129289)
2014-11-27 00:00:00
Jing Wang  
exploit,xss
CVE-2014-7291
[点击下载]

Springshare LibCal version 2.0 suffers from a cross site scripting vulnerability.

*Exploit Title: Springshare LibCal XSS (Cross-Site Scripting) Vulnerability*

Product: LibCal

Vendor: Springshare

Vulnerable Versions: 2.0

Tested Version: 2.0

Advisory Publication: Nov 25, 2014

Latest Update: Nov 25, 2014

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: CVE-2014-7291

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

Solution Status: Fixed by Vendor

Credit: Wang Jing [SPMS, Nanyang Technological University, Singapore]







*Advisory Details*



*(1) Product:*

"Springshare LibCal is an easy to use calendaring and event management
platform for libraries. Used by 1,600+ libraries worldwide."



*(2) Vulnerability Details:*

The XSS vulnerabilities occur at "/api_events.php?" page, with "&m" and
"&cid" parameters.



*(3) Solutions:*

2014-10-01: Report vulnerability to Vendor

2014-10-15: Vendor replied with thanks and vendor changed the source code









*References:*

http://tetraph.com/security/cves/cve-2014-7291-springshare-libcal-xss-cross-site-scripting-vulnerability/

http://www.springshare.com/libcal/

http://cwe.mitre.org

http://cve.mitre.org/


    

- 漏洞信息

Springshare LibCal 'api_events.php' Multiple Cross Site Scripting Vulnerabilities
Input Validation Error 71319
Yes No
2014-11-25 12:00:00 2014-11-25 12:00:00
Wang Jing

- 受影响的程序版本

- 漏洞讨论

Springshare LibCal is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.

LibCal 2.0 is vulnerable; other versions may also be affected.

- 漏洞利用

Attackers can exploit these issues by enticing an unsuspecting victim to follow a malicious URI.

- 解决方案

Reportedly the issue is fixed, however Symantec has not confirmed this. Please contact the vendor for more information.

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站