CVE-2024-1245

Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator entered file attributes are not sufficiently sanitized in the Edit Attributes page. A rogue administrator could put malicious code into the file tags or description attributes and, when another administrator opens the same file for editing, the malicious code could execute. The Concrete CMS Security team scored this 2.4 with CVSS v3 vector AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N.
Configurations

Configuration 1 (hide)

cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:50

Type Values Removed Values Added
References () https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes - Release Notes, Vendor Advisory () https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes - Release Notes, Vendor Advisory
References () https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory - Vendor Advisory () https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory - Vendor Advisory
CVSS v2 : unknown
v3 : 4.8
v2 : unknown
v3 : 2.4

15 Feb 2024, 04:44

Type Values Removed Values Added
CPE cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 2.4
v2 : unknown
v3 : 4.8
First Time Concretecms
Concretecms concrete Cms
References () https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes - () https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes - Release Notes, Vendor Advisory
References () https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory - () https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory - Vendor Advisory
CWE CWE-79
Summary
  • (es) La versión 9 de Concrete CMS anterior a la 9.2.5 es vulnerable a XSS almacenado en etiquetas de archivos y atributos de descripción, ya que los atributos de archivo ingresados por el administrador no están suficientemente sanitizados en la página Edit Attributes. Un administrador deshonesto podría colocar código malicioso en las etiquetas del archivo o en los atributos de descripción y, cuando otro administrador abra el mismo archivo para editarlo, el código malicioso podría ejecutarse. El equipo de seguridad de Concrete CMS obtuvo una puntuación de 2,4 con el vector CVSS v3 AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N.

09 Feb 2024, 22:15

Type Values Removed Values Added
Summary (en) Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator entered file attributes are not sufficiently sanitized in the Edit Attributes page. A rogue administrator could put malicious code into the file tags or description attributes and, when another administrator opens the same file for editing, the malicious code could execute. The Concrete CMS Security team scored this 2.4 with CVSS v3 vector AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator . (en) Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator entered file attributes are not sufficiently sanitized in the Edit Attributes page. A rogue administrator could put malicious code into the file tags or description attributes and, when another administrator opens the same file for editing, the malicious code could execute. The Concrete CMS Security team scored this 2.4 with CVSS v3 vector AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N.

09 Feb 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-09 20:15

Updated : 2024-11-21 08:50


NVD link : CVE-2024-1245

Mitre link : CVE-2024-1245

CVE.ORG link : CVE-2024-1245


JSON object : View

Products Affected

concretecms

  • concrete_cms
CWE
CWE-20

Improper Input Validation

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')