CVE-2019-14228 — MEDIUM (6.1)

Vulnerability Description

Xavier PHP Management Panel 3.0 is vulnerable to Reflected POST-based XSS via the username parameter when registering a new user at admin/includes/adminprocess.php. If there is an error when registering the user, the unsanitized username will reflect via the error page. Due to the lack of CSRF protection on the admin/includes/adminprocess.php endpoint, an attacker is able to chain the XSS with CSRF in order to cause remote exploitation.

CVSS Score

6.1

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Angry-Frog	Xavier	3.0

Related Weaknesses (CWE)

CWE-79 CWE-352

References

https://codecanyon.net/item/xavier-php-login-script-user-management/9146226Product
https://m-q-t.github.io/notes/xavier-csrf-to-xss-takeover/ExploitThird Party Advisory
https://codecanyon.net/item/xavier-php-login-script-user-management/9146226Product
https://m-q-t.github.io/notes/xavier-csrf-to-xss-takeover/ExploitThird Party Advisory

FAQ

What is CVE-2019-14228?

CVE-2019-14228 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Xavier PHP Management Panel 3.0 is vulnerable to Reflected POST-based XSS via the username parameter when registering a new user at admin/includes/adminprocess.php. If there is an error when registeri...

How severe is CVE-2019-14228?

CVE-2019-14228 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-14228?

Check the references section above for vendor advisories and patch information. Affected products include: Angry-Frog Xavier.