Lucene search

[email protected]CVE-2023-44760

HistoryOct 23, 2023 - 10:15 p.m.

CVE-2023-44760

2023-10-2322:15:09

CWE-79

[email protected]

web.nvd.nist.gov

cve-2023-44760

cross site scripting

xss

concrete cms

arbitrary code execution

security

vulnerability

nvd

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.7%

JSON

Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature. Also, the exploitation method claimed by “sromanhu” does not provide any access to a Concrete CMS session, because the Concrete CMS session cookie is configured as HttpOnly.

Affected configurations

NVD

Node

concretecmsconcrete_cmsMatch9.2.1

CPENameOperatorVersion
concretecms:concrete_cmsconcretecms concrete cmseq9.2.1

CPE	Name	Operator	Version
concretecms:concrete_cms	concretecms concrete cms	eq	9.2.1

References

github.com/sromanhu/ConcreteCMS-Stored-XSS---TrackingCodes

github.com/sromanhu/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes/issues/1

www.concretecms.org/about/project-news/security/security-advisory-2023-10-31-concrete-cms-rejects-cve-2023-44760-and-cve-2023-44766