Chamilo LCMS Connect 4.1 Cross Site Scripting
Posted on 06 January 2016
#Affected Vendor: http://lcms.chamilo.org/ #Date: 27/03/2015 #Discovered by: Joel Vadodil Varghese #Type of vulnerability: Stored XSS #Tested on: Windows 7 #Product: LCMS Connect #Version: 4.1 #Description: Chamilo is an open-source (under GNU/GPL licensing) e-learning and content management system, aimed at improving access to education and knowledge globally. Chamilo LCMS is a completely new software platform for e-learning and collaboration. Chamilo LCMS connect is vulnerable to stored xss vulnerability. The parameter "site_name" is the vulnerable parameter which will lead to its compromise. #Proof of Concept (PoC): site_name=<img src="" onerror="alert('XSS')"/> *Reported to Vendor:* 28 Mar 2015 *Patch Confirmation:* 01 Apr 2015 *References:* *Mail sent to Vendor: * http://lists.chamilo.org/pipermail/dev-lcms/2015-April/015386.html *Patch Confirmation:* https://bitbucket.org/chamilo/core/commits/96bc613dccebb91c80d53457432b0fd2fbe3dece