NavigateCMS / Navigate-CMS

Navigate CMS, a very powerful open source content management system for everybody.
http://www.navigatecms.com
GNU General Public License v2.0

Stored Cross Site Scripting (XSS) and CSRF vulnerability can be chained to achieve account takeover. #7

Closed SecGus closed 4 years ago

SecGus commented 4 years ago

I have discovered multiple vulnerabilities in the application that can be chained together to achieve a full account takeover.

SecGus commented 4 years ago

I tried to report it via the support link for bugs on your main page (https://bitbucket.org/navigatecms/navigatecms/issues/new); this seems to be broken, so if you are interested in more details, please reply on here.

NavigateCMS commented 4 years ago

Thank you for finding this issue. Do you mind sending all details via email to info@navigatecms.com?

SecGus commented 4 years ago

E-mail with details sent. Let me know if anything else is needed.

NavigateCMS commented 4 years ago

Fixed by 967da65e40efbdf31973b8f065de9eabebd3accf and other commits