High-Tech Bridge Security Research Lab discovered a vulnerability in Twilight CMS, which can be exploited to perform Cross-Site Scripting (XSS) attacks.
- Cross-Site Scripting (XSS) in Twilight CMS: CVE-2013-4899
The vulnerability exists due to insufficient filtration of user-supplied data appended to the “/gallery/” URL. A remote attacker can trick a logged-in user into opening a specially crafted link and execute arbitrary HTML and script code in the user’s browser in the context of the vulnerable website.
The exploitation example below uses the JavaScript “alert()” function to display the user’s cookies:
http://[host]/gallery//%f6%22%20onmouseover%3dalert%28document.cookie%29%20/ /
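The sketch below is an added example, not part of the original advisory and not Twilight CMS code. It shows why the decoded path breaks out of an HTML attribute, how output encoding neutralises it, and a simple log-review heuristic. The `<a href>` fragment and all function names are assumptions, since the advisory does not show where the path is reflected.

```python
import html
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# Path from the advisory's example link, trailing characters trimmed.
POC_PATH = "/gallery//%f6%22%20onmouseover%3dalert%28document.cookie%29%20/"
TEMPLATE = '<a href="%s">gallery</a>'  # hypothetical page fragment (assumption)

def decode_path(raw_path):
    # latin-1 maps each byte to one character, so %f6 is kept as-is
    # rather than being replaced as invalid UTF-8.
    return unquote(raw_path, encoding="latin-1")

def render_unsafe(raw_path):
    # Decoded path pasted into the attribute without encoding.
    return TEMPLATE % decode_path(raw_path)

def render_safe(raw_path):
    # Same fragment; quotes and angle brackets become entities first.
    return TEMPLATE % html.escape(decode_path(raw_path), quote=True)

class _AttrNames(HTMLParser):
    def __init__(self):
        super().__init__()
        self.names = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.names += [name for name, _ in attrs]

def anchor_attributes(markup):
    # Attribute names an HTML parser sees on the <a> element.
    parser = _AttrNames()
    parser.feed(markup)
    parser.close()
    return parser.names

BREAKOUT = re.compile(r"""["'<>]""")
HANDLER = re.compile(r"\bon[a-z]+\s*=", re.IGNORECASE)

def looks_like_attribute_injection(raw_path):
    # Log-review heuristic: a quote or angle bracket, then on<event>=.
    decoded = decode_path(raw_path)
    hit = BREAKOUT.search(decoded)
    return bool(hit and HANDLER.search(decoded, hit.end()))

if __name__ == "__main__":
    print(anchor_attributes(render_unsafe(POC_PATH)))
    print(anchor_attributes(render_safe(POC_PATH)))
    print(looks_like_attribute_injection(POC_PATH))
```

With the unencoded fragment the parser reports an extra `onmouseover` attribute on the element; with encoding applied, only `href` remains and the quote is carried as `&quot;` inside its value.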