CERTVU:526062CMS Made Simple contains multiple cross-site scripting vulnerabilities
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
EPSS
Percentile
54.5%
Overview
CMS Made Simple contains multiple cross-site scripting vulnerabilities
Description
CWE-79: Improper Neutralization of Input During Web Page Generation (βCross-site Scriptingβ) - CVE-2014-0334
The files:
cmsmadesimple/admin/addgroup.php on line 107 contains a post-authentication reflected XSS vulnerability in the group parameter.
cmsmadesimple/admin/addhtmlblob.php on line 165 contains a post-authentication reflected XSS vulnerability in the htmlblob parameter.
cmsmadesimple/admin/addbookmark.php on lines 92 and 96 contains a post-authentication reflected XSS vulnerability in the title and url parameters.
cmsmadesimple/admin/copystylesheet.php on line 117 contains a post-authentication reflected XSS vulnerability in the stylesheet_name parameter.
c``msmadesimple/admin/copytemplate.php on line 160 contains a post-authentication reflected XSS vulnerability in the template_name parameter.
cmsmadesimple/admin/editbookmark.php on lines 117 and 121 contains a post-authentication reflected XSS vulnerability in the title and url parameters.
cmsmadesimple/admin/listtemplates.php on line 188 contains a post-authentication persistent XSS vulnerability in the template parameter.
cmsmadesimple/admin/listcss.php on line 172 contains a post-authentication persistent XSS vulnerability in the css_name parameter.
Impact
A remote attacker that is able to trick a logged in administrative user in to visiting a specially crafted URL may be able to conduct a cross-site scripting attack. This attack may result in information leakage, privilege escalation, and/or denial of service.
Solution
We are currently unaware of a practical solution to this problem.
Vendor Information
526062
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
CMS Made Simple Affected
Notified: January 20, 2014 Updated: February 27, 2014
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 4.9 | AV:N/AC:M/Au:S/C:P/I:P/A:N |
| Temporal | 3.7 | E:U/RL:U/RC:UC |
| Environmental | 0.9 | CDP:N/TD:L/CR:ND/IR:ND/AR:ND |
References
<http://www.cmsmadesimple.org/>
Acknowledgements
Thanks to Pedro Ribeiro of Agile Information Security for reporting this vulnerability.
This document was written by Chris King.
Other Information
| CVE IDs: | CVE-2014-0334 |
|---|---|
| Date Public: | 2014-02-28 Date First Published: |
References
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
EPSS
Percentile
54.5%