Impact
Some request headers are not correctly sanitised when stored in the session and display tables.
These headers can be used to inject a malicious script into the session page to exfiltrate session IDs and User Agents. These session IDs / User Agents can subsequently be used to hijack active sessions.
A malicious script can be injected into the display grid to exfiltrate information related to displays.
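The defect described above is a stored XSS pattern: a request header (such as User-Agent) is written to a table and later rendered into a page without escaping. The following is an added illustration, not Xibo's code and written in Python rather than Xibo's PHP, with constructed sample rows; it shows the vulnerable rendering beside the hardened form and a regression check that flags stored markup surviving into the output.

```python
import html

# Constructed sample rows, shaped like a session table: the user_agent value
# is attacker-controlled because it comes straight from the request header.
# The script tag here is a harmless marker used only to exercise the check.
SESSIONS = [
    {"session_id": "sess-0001", "user_agent": "Mozilla/5.0 (X11; Linux x86_64)"},
    {"session_id": "sess-0002", "user_agent": "<script>alert(1)</script>"},
]


def render_sessions_unsafe(rows):
    """Vulnerable pattern: stored header values are interpolated into the
    page exactly as stored, so a stored script tag becomes live markup."""
    cells = "".join(
        f"<tr><td>{r['session_id']}</td><td>{r['user_agent']}</td></tr>" for r in rows
    )
    return f"<table>{cells}</table>"


def render_sessions_safe(rows):
    """Hardened pattern: every stored value is HTML-escaped at output time,
    regardless of what sanitisation did or did not happen on write."""
    cells = "".join(
        "<tr><td>{}</td><td>{}</td></tr>".format(
            html.escape(r["session_id"], quote=True),
            html.escape(r["user_agent"], quote=True),
        )
        for r in rows
    )
    return f"<table>{cells}</table>"


def contains_live_markup(rendered_html, stored_rows):
    """Regression check: True if any stored header value containing markup
    appears verbatim (unescaped) in the rendered page."""
    return any(
        "<" in r["user_agent"] and r["user_agent"] in rendered_html
        for r in stored_rows
    )


if __name__ == "__main__":
    print("unsafe leaks markup:", contains_live_markup(render_sessions_unsafe(SESSIONS), SESSIONS))
    print("safe leaks markup:", contains_live_markup(render_sessions_safe(SESSIONS), SESSIONS))
```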
Patches
Users should upgrade to version 3.3.10 or 4.0.9, which fix this issue. Customers who host their CMS with Xibo Signage have already received an upgrade or patch to resolve this issue, regardless of the CMS version that they are running.
Workarounds
Upgrading to a fixed version is necessary to remediate.
Patches are available for earlier versions of Xibo CMS that are out of security support:
References
Xibo Signage Security Advisory
Credit
Thanks to @Saadet-T (Saadet Elif Tokuoğlu) who discovered this issue.