SSD Advisory – Ametys CMS Unauthenticated Password Reset

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom
See our full scope at: https://blogs.securiteam.com/index.php/product_scope

Vulnerability Summary
Below we describe a password reset vulnerability found in Ametys CMS version 4.0.2.

Ametys is a free and open source content management system (CMS). It stores content based on JSR-170 and provides open gadgets and an XML-oriented framework.

Credit
An independent security researcher, Jose Luis, reported this vulnerability to Beyond Security's SSD program.

Vendor Response
Ametys has released a patch that addresses this vulnerability – Ametys CMS 4.0.3.

For more details: https://issues.ametys.org/browse/RUNTIME-2582

SSD Advisory – Ametys CMS Unauthenticated Password Reset

Vulnerability Summary
The following advisory describes a password reset vulnerability found in Ametys CMS version 4.0.2.

Ametys is “a free and open source content management system (CMS) written in Java. It is based on JSR-170 for content storage, Open Social for gadget rendering and a XML oriented framework.”

Credit
An independent security researcher, Jose Luis, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
Ametys has released patches to address this vulnerability – Ametys version 4.0.3.

For more details: https://issues.ametys.org/browse/RUNTIME-2582