Holes in ActiveWeb Contentserver CMS
German service provider RedTeam Pentesting has published several security advisories reporting vulnerabilities in the ActiveWeb Contentserver 5.x content management system. Despite the restrictions configured for them, users with editor rights can, for instance, create documents in any location, or can exploit an SQL injection vulnerability in the management interface to execute arbitrary SQL statements and manipulate the database.
It is also possible to embed JavaScript code in documents via the WYSIWYG editor, although the editor is supposed to filter this out. Because that filtering is performed only on the client side, an editor merely has to modify two POST requests sent when the document is saved. Finally, two cross-site scripting vulnerabilities have been found in ActiveWeb Contentserver. Version 5.6.2929 and earlier are affected; the vulnerabilities have been fixed in version 5.6.2964.
- ActiveWeb Contentserver CMS SQL Injection Management Interface, security advisory by RedTeam
- ActiveWeb Contentserver CMS Multiple Cross Site Scriptings, security advisory by RedTeam
- ActiveWeb Contentserver CMS Clientside Filtering of Page Editor Content, security advisory by RedTeam
- ActiveWeb Contentserver CMS Editor Permission Settings Problem, security advisory by RedTeam
(mba)