Concrete CMS Stored XSS in the Custom Class page editing

2024-04-0321:31:41

CWE-20

CWE-79

GitHub Advisory Database

github.com

concrete cms

stored xss

custom class page editing

security vulnerability

cvss v3.1

rogue administrator

malicious code

validation

nvd

alexey solovyev

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

8.7%

JSON

Concrete CMS version 9 before 9.2.8 and previous versions before 8.5.16 are vulnerable to Stored XSS in the Custom Class page editing. Prior to the fix, a rogue administrator could insert malicious code in the custom class field due to insufficient validation of administrator provided data. The Concrete CMS security team gave this vulnerability a CVSS v3.1 score of 3.1 with a vector of AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator . Thanks Alexey Solovyev for reporting.

CPENameOperatorVersion
concrete5/concrete5lt8.5.16
concrete5/concrete5lt9.2.8

CPE	Name	Operator	Version
	concrete5/concrete5	lt	8.5.16
	concrete5/concrete5	lt	9.2.8

References

documentation.concretecms.org/9-x/developers/introduction/version-history/928-release-notes?_gl=1*1bcxp5s*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY2ODEuMC4wLjA.

documentation.concretecms.org/developers/introduction/version-history/8516-release-notes?_gl=1*1oa3zn1*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY3MDcuMC4wLjA.

github.com/advisories/GHSA-r7q4-cw9r-vhp4

github.com/concretecms/concretecms/commit/822e689cefe1eb876e9de31dad9ce660f3b5c295

github.com/concretecms/concretecms/commit/f2ea49b3cdbac3cbfdf5d3c862de7b7097bbe904

github.com/concretecms/concretecms/pull/11988

github.com/concretecms/concretecms/pull/11989

nvd.nist.gov/vuln/detail/CVE-2024-3179