eFront 3.6.14 (build 18012) - Multiple Persistent Cross-Site Scripting Vulnerabilities

Related Vulnerabilities: CVE-2013-7194  
Publish Date: 11 Dec 2013
Author: sajith

Exploit-DB Note: Screenshot provided by exploit author.

[~] Exploit Title: eFront v3.6.14 (build 18012) -Stored XSS in multiple
[~] Author: sajith
[~] version: eFront v3.6.14- build 18012
[~]Vendor Homepage: http://www.efrontlearning.net/
[~] vulnerable app link:http://www.efrontlearning.net/download

POC by sajith shetty:

[###]Log in with admin account and create new user

(Home � Users � Administrator S. (root) � New user)

Here "Last name" field is vulnerable to stored XSS [payload:"><img src=x
onerror=prompt(1);>  ]

[###]create new lesson option (

ctg=lessons&add_lesson=1) where "Lession name" is vulnerable to stored xss

[payload:"><img src=x onerror=prompt(1);>  ]

[###]create new courses option(

ctg=courses&add_course=1) where "Course name:" filed is vulnerable to
stored XSS