
Vulnerabilities in Web Content Management Systems

Vulnerabilities in Web Content Management Systems (WCMS), such as stored and reflected cross-site scripting, are often overlooked.


During my time as a penetration tester I have come across a series of Web Content Management Systems (WCMS) including both Free Open Source Software (FOSS) and Commercial Off The Shelf (COTS) software deployed in a number of private and public institutions.


The purpose of a WCMS is to provide an easy alternative for website designers and developers to create interactive web site content that is easy to both manage and administer. It is also regularly touted that a number of benefits can be gained from using a WCMS over custom developed websites, one of which is an “increased level of security.”


However, during my penetration testing endeavours I have found that a number of WCMSs are vulnerable to many exploitable security vulnerabilities. One example was a version of Alfresco CMS that I recently tested for a client, which was vulnerable to stored and reflected cross-site scripting attacks, access control issues and file upload vulnerabilities. In this particular scenario it was possible for users with guest level access (the lowest level) to escalate their privileges to that of a co-ordinator (administrator level) by exploiting a stored cross-site scripting flaw in a forum to obtain the co-ordinator’s session information. Due to access control issues it was also possible for a guest user to view an assortment of data available within the application, including sensitive documents, emails belonging to staff members (including the company director) and the full list of users in the system. The impact of these vulnerabilities was high because the system was used by both staff members and affiliated companies.
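As an added illustration (not code from the original post or from Alfresco), the two halves of the forum finding above: a vulnerable render path that interpolates post text straight into HTML beside the encoded version, and a Set-Cookie header marked HttpOnly so that a script which does run cannot read the session cookie. The cookie name and the sample post body are constructed.

```python
import html
from http.cookies import SimpleCookie

# Constructed sample forum post body (not taken from the original page): a
# reader's comment carrying an inline script tag, the shape of a stored XSS payload.
SAMPLE_POST_BODY = "Good thread! <script>/* constructed placeholder script */</script>"


def render_post_unsafe(body: str) -> str:
    """Vulnerable pattern: user text is interpolated into HTML untouched, so a
    stored <script> tag runs in every reader's browser (the forum flaw above)."""
    return f'<div class="post">{body}</div>'


def render_post_safe(body: str) -> str:
    """Hardened pattern: HTML-encode the body at output time so the browser
    displays the text of the post instead of interpreting it as markup."""
    return f'<div class="post">{html.escape(body, quote=True)}</div>'


def session_cookie_header(session_id: str) -> str:
    """Defence in depth for the session-theft step: mark the session cookie
    HttpOnly (not readable by script), Secure (HTTPS only) and SameSite=Lax."""
    jar = SimpleCookie()
    jar["SESSIONID"] = session_id  # cookie name is an assumption for this example
    morsel = jar["SESSIONID"]
    morsel["httponly"] = True
    morsel["secure"] = True
    morsel["samesite"] = "Lax"
    morsel["path"] = "/"
    return jar.output()  # "Set-Cookie: SESSIONID=...; HttpOnly; Path=/; SameSite=Lax; Secure"


def renders_without_active_content(rendered: str) -> bool:
    """Simple check a code reviewer or unit test can run on rendered output:
    no raw script tag survives rendering (case-insensitive)."""
    return "<script" not in rendered.lower()


if __name__ == "__main__":
    print(render_post_unsafe(SAMPLE_POST_BODY))
    print(render_post_safe(SAMPLE_POST_BODY))
    print(session_cookie_header("constructed-session-id"))
```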

Other vulnerable WCMSs I have tested include Drupal, Kentico, WordPress and Umbraco, all of which suffered from one or more of the following: SQL injection, cross-site scripting, weak passwords, cross-site request forgery, access control issues and file upload vulnerabilities, to name a few.


In the majority of cases the versions were outdated but still in use on public facing web servers, and so at risk. It is therefore very important to ensure that a WCMS is kept up to date. I have found that more mature WCMSs do tend to have fewer vulnerabilities than custom developed applications, provided they are kept up to date. It would also be worth considering penetration testing to help determine your risks.

