Platform
php
Component
kortex-lite-advocate-office-management-system
Fixed version
1.0.1
A cross-site scripting (XSS) vulnerability, classified as problematic, has been identified in Kortex Lite Advocate Office Management System version 1.0. This flaw allows attackers to inject malicious scripts into the application, potentially leading to session hijacking or defacement. The vulnerability resides in the /control/client_data.php file and is triggered by manipulating the 'id' parameter. A patch is available in version 1.0.1.
Successful exploitation of CVE-2024-12536 enables an attacker to execute arbitrary JavaScript code within the context of a user's browser session. This can lead to the theft of sensitive information, such as login credentials and personal data. An attacker could also redirect users to malicious websites or modify the application's content to display misleading information. The impact is amplified if the application is used to manage sensitive client data, as a successful attack could compromise the confidentiality and integrity of that data. The vulnerability's remote accessibility increases the potential attack surface.
This vulnerability has been publicly disclosed, increasing the likelihood of exploitation. While the CVSS score is LOW, the ease of exploitation and potential impact warrant attention. No known active campaigns targeting this specific vulnerability have been reported at the time of writing. The vulnerability is not currently listed on the CISA KEV catalog.
Organizations utilizing Kortex Lite Advocate Office Management System version 1.0 for client management are at risk. This includes legal firms, advocacy groups, and any entity relying on this system to store and process sensitive client information. Shared hosting environments where multiple users share the same server instance are particularly vulnerable, as a compromise of one user could potentially impact others.
• php / web:
curl -s -X POST "http://your-target-url/control/client_data.php?id=<script>alert(1)</script>" | grep -i alert
• generic web:
curl -s -X GET "http://your-target-url/control/client_data.php?id=<script>alert(1)</script>" | grep -i alert
Exploit status
EPSS
0.30% (53rd percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-12536 is to upgrade to version 1.0.1 of Kortex Lite Advocate Office Management System. If upgrading immediately is not feasible, consider implementing input validation and output encoding on the 'id' parameter in the /control/client_data.php file. While not a complete solution, this can reduce the risk of successful exploitation. Web application firewalls (WAFs) configured to detect and block XSS payloads targeting the 'id' parameter can provide an additional layer of defense. After upgrading, verify the fix by attempting to inject a simple XSS payload (e.g., <script>alert(1)</script>) through the 'id' parameter and confirming that it is properly sanitized or blocked.
Update to a patched version, or disable/remove Kortex Lite Advocate Office Management System. If no patched version is available, we recommend implementing security measures such as input validation and escaping in the /control/client_data.php file to reduce the risk of XSS.
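A sketch of the input validation and output encoding recommended above for the 'id' parameter, as an added example (not code from Kortex Lite or its 1.0.1 patch). It assumes 'id' is a numeric record identifier and PHP 8.0 or later; the function names are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers: the real /control/client_data.php source is not
// shown on this page, so the surrounding handler is assumed.

/** Accept only a positive integer id; return null for anything else. */
function parse_client_id(mixed $raw): ?int
{
    if (!is_string($raw)) {   // rejects arrays (?id[]=1) and a missing value
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Encode a value for an HTML text node or a quoted attribute. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Build the fragment that echoes the id back, never emitting raw input. */
function render_client_fragment(mixed $rawId): string
{
    $id = parse_client_id($rawId);
    if ($id === null) {
        // Reject without reflecting the rejected value in the error text.
        return '<p class="error">Invalid client id.</p>';
    }
    // Encoding is applied even to validated values (defense in depth).
    return '<input type="hidden" name="id" value="' . h((string) $id) . '">';
}

// Constructed sample inputs standing in for $_GET['id'].
$samples = ['42', '<script>alert(1)</script>', '7" onmouseover="x', ['1'], null];
foreach ($samples as $sample) {
    echo render_client_fragment($sample), PHP_EOL;
}
// In a handler: echo render_client_fragment($_GET['id'] ?? null);
```

Only the first sample produces the hidden input; every other input yields the fixed error message, so nothing from the request is reflected into the page.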
CVE-2024-12536 is a cross-site scripting (XSS) vulnerability affecting Kortex Lite Advocate Office Management System version 1.0, allowing attackers to inject malicious scripts.
You are affected if you are using Kortex Lite Advocate Office Management System version 1.0. Upgrade to version 1.0.1 to resolve the issue.
Upgrade to version 1.0.1. As a temporary workaround, implement input validation and output encoding on the 'id' parameter in /control/client_data.php.
While no active campaigns have been confirmed, the vulnerability has been publicly disclosed, increasing the risk of exploitation.
Refer to the SourceCodester website or relevant security forums for the official advisory regarding CVE-2024-12536.