CVE-2012-1209: Fork CMS XSS via Highlight Parameter

CVSS Score: 4.3

Basic Information

EPSS Score: 0.51665%
Published: 5/14/2022
Updated: 1/12/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| forkcms/forkcms | composer | <= 3.2.4 | 3.2.5 |

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stems from the unescaped 'highlight' parameter being passed to the template engine in BackendBaseAction::execute. The GitHub patch adds strip_tags() sanitization to this parameter, confirming that the lack of input filtering in the original code (via $this->getParameter('highlight')) was the vulnerable path. The function's role in processing user input for template rendering directly correlates with the XSS vulnerability described.
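
The fix described above, as an added illustration that is not Fork CMS code or the project's patch: a hypothetical template (`render()`) that echoes the parameter into both HTML text and an attribute value, fed the raw value, the strip_tags() value, and an output-escaped value. The function names, the attribute context and the sample inputs are assumptions; the page does not say where the template emits the value.

```php
<?php
// Hypothetical stand-in for a template that echoes the "highlight"
// parameter twice: inside an attribute value and as element text.
function render(string $highlight): string
{
    return '<div data-highlight="' . $highlight . '">' . $highlight . '</div>';
}

// Before the fix: the raw request parameter reaches the template.
function highlightRaw(array $query): string
{
    return (string) ($query['highlight'] ?? '');
}

// The change the page describes: strip_tags() applied to the parameter.
function highlightStripped(array $query): string
{
    return strip_tags(highlightRaw($query));
}

// Additional hardening (an assumption, not part of the described patch):
// escape for the HTML context at output time, quotes included.
function highlightEscaped(array $query): string
{
    return htmlspecialchars(
        highlightRaw($query),
        ENT_QUOTES | ENT_SUBSTITUTE,
        'UTF-8'
    );
}

// Constructed sample inputs: one carries markup, one carries only a quote.
$samples = [
    'markup' => ['highlight' => '<b>row-12</b>'],
    'quote'  => ['highlight' => 'row-12" title="x'],
];

foreach ($samples as $name => $query) {
    echo $name, PHP_EOL;
    echo '  raw:        ', render(highlightRaw($query)), PHP_EOL;
    echo '  strip_tags: ', render(highlightStripped($query)), PHP_EOL;
    echo '  escaped:    ', render(highlightEscaped($query)), PHP_EOL;
}
```

For the `quote` sample the strip_tags() output is identical to the raw one, because strip_tags() removes tags but leaves quote characters alone; only the escaped variant keeps the value inside the attribute.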
