Incapsula Component for Joomla! 'token' Parameter Multiple XSS

medium Nessus Plugin ID 64484

Synopsis

The remote web server contains a PHP application that is affected by multiple cross-site scripting vulnerabilities.

Description

The version of the Incapsula component for Joomla! running on the remote host is affected by multiple cross-site scripting (XSS) vulnerabilities in the Security.php and Performance.php scripts due to improper sanitization of user-supplied input to the 'token' parameter before using it to generate dynamic HTML content. An unauthenticated, remote attacker can exploit this to inject arbitrary HTML and script code into the user's browser session.

Solution

Upgrade to Joomla! version 1.4.6_c or later.

See Also

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5121.php

Plugin Details

Severity: Medium

ID: 64484

File Name: joomla_incapsula_xss.nasl

Version: 1.14

Type: remote

Published: 2/6/2013

Updated: 6/5/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Enable CGI Scanning: true

Vulnerability Information

CPE: cpe:/a:joomla:joomla%5c%21

Required KB Items: www/PHP, installed_sw/Joomla!

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Patch Publication Date: 12/20/2012

Vulnerability Publication Date: 1/8/2013

Reference Information

BID: 57190

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990