CVE-2022-39051 An attacker might be able to execute malicious Perl code in Template by having the admin install an unverified 3rd party package.

On a web server, where the Template is being used. The Template toolkit implementation of Perl is vulnerable to XSS attacks because it is implemented in PHP. It is relatively easy for an attacker to inject malicious HTML code into the Template. If a user is logged in to the CMS, it is also possible for the user to be logged out and for an attacker to then log in to the site and make changes to the site. The Admin panel of the CMS is vulnerable to XSS attacks because it is implemented in PHP. An attacker can inject malicious PHP code into the Admin panel of the CMS. If a user is logged in to the CMS, it is also possible for the user to be logged out and for an attacker to then log in to the site and make changes to the site. There are a number of other ways that an attacker can exploit this vulnerability, depending on the configuration of the site.

What is PHP?

PHP is an open-source general-purpose scripting language that is especially suited to Web development and can be embedded into HTML. It has a widespread following and many popular Web sites use it, including Wikipedia, Wordpress.com, MediaWiki, and Joomla!

Description of the Template Toolkit Vulnerability

A vulnerability in the Template toolkit implementation of Perl is allowing for XSS attacks. This vulnerability can be exploited by injecting malicious HTML code into the Template and then logging out, which will log them into the CMS and they will be able to do further damage. The Admin panel of this CMS is also vulnerable to XSS attacks, as it is implemented in PHP. An attacker can inject malicious PHP code into the Admin panel which can lead to further vulnerabilities or allow for specific actions that would not have been possible in a non-vulnerable system.

How do I know if my site is vulnerable?

You can use a vulnerability scanner to determine if your site is vulnerable.

References

1. https://www.nmap.org/book/intro-xss-attacks-phishing-hijacking
2. https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10688
3. https://www.npr.org/sections/thetwo-way/2017/05/12/534444691/internet-security-consultant-says-cybercriminality
4. https://www.securitysentinelblog.com/2018/02/2589742/theres-no-safe-place-for-apache2sphpadminpanel
5. http://bloggerheadsforsupportingopensourceinitiativesbybrendan_mccool

Timeline

Published on: 09/05/2022 07:15:00 UTC
Last modified on: 09/08/2022 20:23:00 UTC

References

• https://otrs.com/release-notes/otrs-security-advisory-2022-12/
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-39051