CVE-2015-3425
Description
Cross-site scripting (XSS) vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cph_content$_uig_formState parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Accentis Content Resource Management System before Oct 2015 has an XSS flaw via the ctl00$cph_content$_uig_formState parameter allowing script injection.
Vulnerability
The Accentis Content Resource Management System (CRMS) before the October 2015 patch contains a stored or reflected cross-site scripting (XSS) vulnerability in the ctl00$cph_content$_uig_formState parameter. The vulnerable code does not properly sanitize user-supplied input, allowing arbitrary web script or HTML to be injected [1]. All versions prior to the October 2015 patch are affected.
Exploitation
An attacker can exploit this vulnerability by crafting a malicious URL or form submission containing the XSS payload in the ctl00$cph_content$_uig_formState parameter [1]. No authentication or special privileges are required; the attacker only needs to trick a victim into clicking the crafted link or visiting a malicious page. The payload executes in the context of the victim's browser session on the vulnerable CRMS instance.
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript or HTML in the victim's browser, leading to information disclosure, session hijacking, or defacement within the CRMS application [1]. The attacker can perform actions on behalf of the victim, potentially accessing sensitive data managed by the system.
Mitigation
Accentis released a patch in October 2015 that addresses this XSS vulnerability. Users should update to the patched version immediately [1]. If patching is not possible, input validation and output encoding for the ctl00$cph_content$_uig_formState parameter should be implemented as a workaround. This CVE is not listed in CISA's Known Exploited Vulnerabilities catalog.
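A sketch of the workaround described above, added here as an example and not taken from Accentis or the cited reference: it flags requests whose ctl00$cph_content$_uig_formState value contains markup once nested encodings are undone, and HTML-encodes the value for output. It assumes a legitimate value never contains `<`, `>`, quotes or backticks; the function names and sample requests are constructed for illustration.

```python
import html
from urllib.parse import parse_qsl, unquote_plus

PARAM = "ctl00$cph_content$_uig_formState"  # parameter named in the CVE description
MARKUP = set("<>\"'`")        # assumption: never present in a legitimate value
MAX_DECODE_ROUNDS = 3         # bound on nested percent/entity decoding

def normalize(value: str) -> str:
    """Undo nested percent- and HTML-entity encoding so hidden markup is visible."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = html.unescape(unquote_plus(value))
        if decoded == value:
            break
        value = decoded
    return value

def form_state_values(encoded: str) -> list[str]:
    """Every value of PARAM in a query string or urlencoded POST body."""
    # parse_qsl percent-decodes names, so ctl00%24... and ctl00$... both match.
    return [v for k, v in parse_qsl(encoded, keep_blank_values=True) if k == PARAM]

def is_suspicious(encoded: str) -> bool:
    """True if any PARAM value contains markup characters after normalization."""
    return any(MARKUP & set(normalize(v)) for v in form_state_values(encoded))

def encode_for_html(value: str) -> str:
    """Output encoding to apply wherever the value is written back into a page."""
    return html.escape(value, quote=True)

# Constructed sample requests (not captured traffic); the markup is a harmless <b> tag.
SAMPLES = {
    "benign": "ctl00%24cph_content%24_uig_formState=tab1%3Bexpanded&page=2",
    "plain": "ctl00%24cph_content%24_uig_formState=%3Cb%3Ex%3C%2Fb%3E",
    "double_encoded": "ctl00$cph_content$_uig_formState=%253Cb%253Ex",
    "entity_encoded": "ctl00%24cph_content%24_uig_formState=%26lt%3Bb%26gt%3Bx",
    "other_param": "q=%3Cb%3Ex%3C%2Fb%3E",
}

if __name__ == "__main__":
    for name, request in SAMPLES.items():
        print(f"{name:15} suspicious={is_suspicious(request)}")
```

The check only narrows exposure on an unpatched instance; the output encoding step is what keeps a stored or reflected value from being interpreted as markup.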
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Accentis/Content Resource Management System
- Range: < October 2015 patch
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.