Exploitation Summary
EIP tracks 1 public exploit for CVE-2011-1723. PoCs published by Mesut Timur.
AI-analyzed exploit summary
The provided text describes a cross-site scripting (XSS) vulnerability in Redmine versions 1.0.1 and 1.1.1, where user-supplied input is not properly sanitized. The example URL demonstrates how an attacker could exploit this issue to execute arbitrary script code in a user's browser.
Description
Cross-site scripting (XSS) vulnerability in app/views/layouts/base.rhtml in Redmine 1.0.1 through 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to projects/hg-helloworld/news/. NOTE: some of these details are obtained from third party information.