Lucene search

K
githubGitHub Advisory DatabaseGHSA-9V3W-CJ7M-QH5G
HistoryFeb 09, 2024 - 9:30 p.m.

Concrete CMS vulnerable to reflected XSS via the Image URL Import Feature

2024-02-0921:30:57
CWE-20
CWE-79
GitHub Advisory Database
github.com
4
concrete cms
vulnerable
image url import
reflected xss
administrator validation

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.0%

Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL Import Feature due to insufficient validation of administrator provided data. A rogue administrator could inject malicious code when importing images, leading to the execution of the malicious code on the website user’s browser. The Concrete CMS Security team scored this 2 with CVSS v3 vector AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator . This does not affect Concrete versions prior to version 9.

Affected configurations

Vulners
Node
concrete5concrete5Range<9.2.5
CPENameOperatorVersion
concrete5/concrete5lt9.2.5

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.0%

Related for GHSA-9V3W-CJ7M-QH5G