Lucene search

GitHub Advisory DatabaseGHSA-XWRH-QXMC-X8C8

HistoryApr 03, 2024 - 9:31 p.m.

Concrete CMS Cross-site Scripting (XSS) in the Advanced File Search Filter

2024-04-0321:31:41

CWE-20

CWE-79

GitHub Advisory Database

github.com

concrete cms

cross-site scripting

xss

advanced file search filter

vulnerability

file manager

insufficient validation

cvss v3.1

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L

AI Score

6.2

Confidence

High

EPSS

Percentile

9.0%

JSON

Concrete CMS versions 9 below 9.2.8 and versions below 8.5.16 are vulnerable to Cross-site Scripting (XSS) in the Advanced File Search Filter. Prior to the fix, a rogue administrator could add malicious code in the file manager because of insufficient validation of administrator provided data. All administrators have access to the File Manager and hence could create a search filter with the malicious code attached. The Concrete CMS security team gave this vulnerability a CVSS v3.1 score of 3.1 with a vector of AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator .

Affected configurations

Vulners

Node

concrete5concrete5Range<8.5.16

concrete5concrete5Range9.0.0RC1–9.2.8

VendorProductVersionCPE
concrete5concrete5*cpe:2.3:a:concrete5:concrete5:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
concrete5	concrete5	*	cpe:2.3:a:concrete5:concrete5::::::::

References

documentation.concretecms.org/9-x/developers/introduction/version-history/928-release-notes?_gl=1*1bcxp5s*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY2ODEuMC4wLjA.

documentation.concretecms.org/developers/introduction/version-history/8516-release-notes?_gl=1*1oa3zn1*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY3MDcuMC4wLjA.

github.com/advisories/GHSA-xwrh-qxmc-x8c8

github.com/concretecms/concretecms/commit/822e689cefe1eb876e9de31dad9ce660f3b5c295

github.com/concretecms/concretecms/commit/f2ea49b3cdbac3cbfdf5d3c862de7b7097bbe904

github.com/concretecms/concretecms/pull/11988

github.com/concretecms/concretecms/pull/11989

nvd.nist.gov/vuln/detail/CVE-2024-3178

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L

AI Score

6.2

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for GHSA-XWRH-QXMC-X8C8