Subscribe: RSS
  • Product: MODX Evolution
    Risk: Very High
    Severity: Critical
    Versions: 1.0.5 and all previous releases
    Vunerability type: Remote Script Execution*
    Report Date: 2012-Feb-16
    Fixed Date: 2012-Feb-20

    Description

    A vigilant community member sent us a security notice to let us know that he found a security issue in a compromised site running MODX Evolution 1.0.5.

    Upon investigation, we determined that MODX Evolution had been sanitizing global GPC (GET/POST/Cookie or Request) variables in a way that allowed any Snippet within MODX that echoed user input (i.e. a website form field) from the GPC variables back to the output (for display) to inadvertently execute the MODX tags provided in the input field.

    *Remote script execution requires specific configurations of add-ons included in the core.

    Affected Releases
    All MODX 0.9.x/Evolution releases prior to and including MODX Evolution 1.0.5 are affected.

    Solution
    Upgrade to MODX Evolution 1.0.6 [ed. note: smashingred last edited this post 5 years, 2 months ago.]
      Author of zero books. Formerly of many strange things. Pairs well with meats. Conversations are magical experiences. He's dangerous around code but a markup magician. BlogTwitterLinkedInGitHub

    This discussion is closed to further replies. Keep calm and carry on.