XSS Vulnerabilities: Advisory Reference : NS-13-004
https://www.mavitunasecurity.com/xss-vulnerabilities-in-impress-cms-content-module/
In the "Advisory Timeline" it is written that the issue is no longer available, but I could not find code changes and we didn't publish a newer version.
What's going on? I would ask for clarification of the facts. Thank you.
Prior to their publishing of this, @fiammy, @m0nty and I used their info and could not reproduce the issue.
I have reconfirmed this is a false positive report by downloading and installing the 1.3.4 Final zip package from SourceForge. I tried accessing the URI in the report 3 different times - prior to installation, after installation but before the module was installed, and after the module was installed. All 3 times there was no XSS script alert.
I've downloaded the evaluation copy of Netsparker, which was used to identify this "vulnerability" and ran it against a plain install of ImpressCMS 1.3.4 Final and the content module included in that release. The majority of the warnings issued were server configurations and outdated versions.
The URI listed in the vulnerability report passed without issue.
Logging this ticket as invalid, it could not be duplicated.