Vendor: Faq-O-Matic
Reported by: SecurityFocus
CVSS Score: 3.3 (MEDIUM)
Vulnerability Class: Cross Site Scripting
CWE: 79
Product Name: Faq-O-Matic
Affected Version From: 2.711
Affected Version To: 2.712
Patch Exists: YES
Related CWE: N/A
CPE: Faq-O-Matic
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2002
Faq-O-Matic Cross Site Scripting Vulnerability
Faq-O-Matic is a web-based Frequently Asked Question (FAQ) management system. Versions 2.711 and 2.712 are vulnerable to a cross site scripting issue: the application fails to filter HTML or script from a malformed query and returns the submitted input verbatim inside an error message, which the victim's browser then renders. The flaw is reached through the Faq-O-Matic component 'fom.cgi', specifically via its 'file' parameter.
Mitigation:
Input validation should be used to ensure that user-supplied data is properly sanitized and filtered before being used in the application, and any user-supplied value that is echoed back (for example in an error message) should be HTML-encoded before it is written to the response.