XSS Vulnerability in KajonaCMS


Advisory by Netsparker (now Invicti)
Name: XSS Vulnerability in KajonaCMS
Software: KajonaCMS v4 and possibly below.
Vendor Homepage: http://www.kajona.de/
Vulnerability Type: Cross-site Scripting
Severity: Critical
Researcher: Omar Kurt
Advisory Reference: NS-14-023


Kajona is a content management framework based on PHP5 and published as an open-source project under the LGPL license. The roots of the project are going back to 2004 as collected programming solutions where combined into a library. The idea of a web content management framework was born – followed by version 2.0 in 2005 and 2.1 in the beginning of 2006. Version 3.0 was published with a complete code rewrite in 2006.


KajonaCMS is affected by XSS vulnerability in version v4.
KajonaCMS PoC urls are as follows:

  • Cross-site Scripting
    http://example.com/index.php?page=downloads&systemid=';"--></style></scRipt><scRipt>alert(0x0001EE)</scRipt>&action=mediaFolder (Querystring)

Learn more about Cross-site Scripting vulnerabilities:



Advisory Timeline

05/06/2014 – First Contact
07/06/2014 – Second Contact
08/06/2014 – Vulnerability fixed
23/06/2014 – Advisory released


It has been discovered on testing of Invicti Web Application Security Scanner.

About Invicti

Invicti® can find and report security issues such as SQL Injection and Cross-site Scripting (XSS) in all web applications regardless of the platform and the technology they are built on. Invicti’s unique detection and exploitation techniques allows it to be dead accurate in reporting hence it’s the first and the only False Positive Free web application security scanner.