gsd-2024-3178
Vulnerability from gsd
Modified
2024-04-03 05:02
Details
Concrete CMS versions 9 below 9.2.8 and versions below 8.5.16 are vulnerable to Cross-site Scripting (XSS) in the Advanced File Search Filter. Prior to the fix, a rogue administrator could add malicious code in the file manager because of insufficient validation of administrator provided data. All administrators have access to the File Manager and hence could create a search filter with the malicious code attached. The Concrete CMS security team gave this vulnerability a CVSS v3.1 score of 3.1 with a vector of AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator .
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-3178"
],
"details": "Concrete CMS versions 9 below 9.2.8 and versions below\u00a08.5.16 are vulnerable to\u00a0Cross-site Scripting (XSS) in the Advanced File Search Filter.\u00a0Prior to the fix, a rogue administrator could add malicious code in the file manager because of insufficient validation of administrator provided data. All administrators have access to the File Manager and hence could create a search filter with the malicious code attached. The Concrete CMS security team gave this vulnerability a CVSS v3.1 score of 3.1 with a vector of AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator .\u00a0\u00a0\n\n",
"id": "GSD-2024-3178",
"modified": "2024-04-03T05:02:29.872743Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@concretecms.org",
"ID": "CVE-2024-3178",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Concrete CMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "9.0.0",
"version_value": "9.2.8"
},
{
"version_affected": "\u003c",
"version_name": "5.0.0",
"version_value": "8.5.16"
}
]
}
}
]
},
"vendor_name": "Concrete CMS"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "javakhishvili"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Concrete CMS versions 9 below 9.2.8 and versions below\u00a08.5.16 are vulnerable to\u00a0Cross-site Scripting (XSS) in the Advanced File Search Filter.\u00a0Prior to the fix, a rogue administrator could add malicious code in the file manager because of insufficient validation of administrator provided data. All administrators have access to the File Manager and hence could create a search filter with the malicious code attached. The Concrete CMS security team gave this vulnerability a CVSS v3.1 score of 3.1 with a vector of AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator .\u00a0\u00a0\n\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-20",
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://documentation.concretecms.org/developers/introduction/version-history/8516-release-notes?_gl=1*1oa3zn1*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY3MDcuMC4wLjA.",
"refsource": "MISC",
"url": "https://documentation.concretecms.org/developers/introduction/version-history/8516-release-notes?_gl=1*1oa3zn1*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY3MDcuMC4wLjA."
},
{
"name": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/928-release-notes?_gl=1*1bcxp5s*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY2ODEuMC4wLjA.",
"refsource": "MISC",
"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/928-release-notes?_gl=1*1bcxp5s*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY2ODEuMC4wLjA."
}
]
},
"source": {
"advisory": "https://hackerone.com/reports/949443",
"discovery": "EXTERNAL"
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "Concrete CMS versions 9 below 9.2.8 and versions below\u00a08.5.16 are vulnerable to\u00a0Cross-site Scripting (XSS) in the Advanced File Search Filter.\u00a0Prior to the fix, a rogue administrator could add malicious code in the file manager because of insufficient validation of administrator provided data. All administrators have access to the File Manager and hence could create a search filter with the malicious code attached. The Concrete CMS security team gave this vulnerability a CVSS v3.1 score of 3.1 with a vector of AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator .\u00a0\u00a0\n\n"
},
{
"lang": "es",
"value": "Las versiones 9 de Concrete CMS inferiores a 9.2.8 y las versiones inferiores a 8.5.16 son vulnerables a Cross-site Scripting (XSS) en el filtro de b\u00fasqueda avanzada de archivos. Antes de la soluci\u00f3n, un administrador deshonesto pod\u00eda agregar c\u00f3digo malicioso en el administrador de archivos debido a una validaci\u00f3n insuficiente de los datos proporcionados por el administrador. Todos los administradores tienen acceso al Administrador de archivos y, por lo tanto, pueden crear un filtro de b\u00fasqueda con el c\u00f3digo malicioso adjunto. El equipo de seguridad de Concrete CMS le dio a esta vulnerabilidad una puntuaci\u00f3n CVSS v3.1 de 3.1 con un vector de AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A: L https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator."
}
],
"id": "CVE-2024-3178",
"lastModified": "2024-04-04T12:48:41.700",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 2.5,
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"type": "Secondary"
}
]
},
"published": "2024-04-03T19:15:44.210",
"references": [
{
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/928-release-notes?_gl=1*1bcxp5s*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY2ODEuMC4wLjA."
},
{
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"url": "https://documentation.concretecms.org/developers/introduction/version-history/8516-release-notes?_gl=1*1oa3zn1*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY3MDcuMC4wLjA."
}
],
"sourceIdentifier": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"type": "Secondary"
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…