Title: Cross-Site Scripting in JNews Joomla Component
CVE ID: CVE-2015-7343
CVSSv3 Base Score: 6.7 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L)
Products: JNews Core
Advisory Release Date: 28 October 2015
Advisory URL: https://labs.integrity.pt/advisories/cve-2015-7343
Credits: Discovery by Fábio Pires <fp[at]integrity.pt>, Filipe Reis <fr[at]integrity.pt>, Vitor Oliveira <vo[at]integrity.pt>
The Jnews's Joomla Extension is vulnerable to Reflected Cross-Site Scripting in the mailingsearch parameter.
[caption id="attachment_532" align="alignnone" width="921"] Post Request[/caption]
[caption id="" align="alignnone" width="896"] Server response[/caption]
[caption id="" align="alignnone" width="813"] Browser output[/caption]
This vulnerability can be exploited from the back-end of joomla (/administrator), but it also can be exploited by using a simple Registered account.