gsd-2024-1246
Vulnerability from gsd
Modified
2024-02-06 06:02
Details
Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL Import Feature due to insufficient validation of administrator provided data. A rogue administrator could inject malicious code when importing images, leading to the execution of the malicious code on the website user’s browser. The Concrete CMS Security team scored this 2 with CVSS v3 vector AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N. This does not affect Concrete versions prior to version 9.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-1246"
],
"details": "Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL Import Feature due to insufficient validation of administrator provided data. A rogue administrator could inject malicious code when importing images, leading to the execution of the malicious code on the website user\u2019s browser. The Concrete CMS Security team scored this 2 with CVSS v3 vector AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N. This does not affect Concrete versions prior to version 9.\n",
"id": "GSD-2024-1246",
"modified": "2024-02-06T06:02:56.217663Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@concretecms.org",
"ID": "CVE-2024-1246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Concrete CMS ",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "9.0.0",
"version_value": "9.2.5"
}
]
}
}
]
},
"vendor_name": "Concrete CMS "
}
]
}
},
"credits": [
{
"lang": "en",
"value": "cupc4k3"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL Import Feature due to insufficient validation of administrator provided data. A rogue administrator could inject malicious code when importing images, leading to the execution of the malicious code on the website user\u2019s browser. The Concrete CMS Security team scored this 2 with CVSS v3 vector AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N. This does not affect Concrete versions prior to version 9.\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-20",
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes",
"refsource": "MISC",
"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes"
},
{
"name": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory",
"refsource": "MISC",
"url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory"
}
]
},
"source": {
"advisory": "Hackerone 2337524",
"discovery": "EXTERNAL"
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B4CD16D-4D2C-45DC-ACAC-E107A4909305",
"versionEndExcluding": "9.2.5",
"versionStartIncluding": "9.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL Import Feature due to insufficient validation of administrator provided data. A rogue administrator could inject malicious code when importing images, leading to the execution of the malicious code on the website user\u2019s browser. The Concrete CMS Security team scored this 2 with CVSS v3 vector AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N. This does not affect Concrete versions prior to version 9.\n"
},
{
"lang": "es",
"value": "Concrete CMS en la versi\u00f3n 9 anterior a la 9.2.5 es vulnerable al XSS reflejado a trav\u00e9s de la funci\u00f3n de importaci\u00f3n de URL de imagen debido a una validaci\u00f3n insuficiente de los datos proporcionados por el administrador. Un administrador deshonesto podr\u00eda inyectar c\u00f3digo malicioso al importar im\u00e1genes, lo que provocar\u00eda la ejecuci\u00f3n del c\u00f3digo malicioso en el navegador del usuario del sitio web. El equipo de seguridad de Concrete CMS obtuvo este 2 con el vector CVSS v3 AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N. Esto no afecta a las versiones de Concrete anteriores a la versi\u00f3n 9."
}
],
"id": "CVE-2024-1246",
"lastModified": "2024-02-15T04:44:35.470",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.0,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 1.4,
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"type": "Secondary"
}
]
},
"published": "2024-02-09T20:15:54.573",
"references": [
{
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes"
},
{
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"tags": [
"Vendor Advisory"
],
"url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory"
}
],
"sourceIdentifier": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"type": "Secondary"
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…