CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1245 – Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes
https://notcve.org/view.php?id=CVE-2024-1245
Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator entered file attributes are not sufficiently sanitized in the Edit Attributes page. A rogue administrator could put malicious code into the file tags or description attributes and, when another administrator opens the same file for editing, the malicious code could execute. The Concrete CMS Security team scored this 2.4 with CVSS v3 vector AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N. La versión 9 de Concrete CMS anterior a la 9.2.5 es vulnerable a XSS almacenado en etiquetas de archivos y atributos de descripción, ya que los atributos de archivo ingresados por el administrador no están suficientemente sanitizados en la página Edit Attributes. Un administrador deshonesto podría colocar código malicioso en las etiquetas del archivo o en los atributos de descripción y, cuando otro administrador abra el mismo archivo para editarlo, el código malicioso podría ejecutarse. • https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1246 – Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL Import Feature
https://notcve.org/view.php?id=CVE-2024-1246
Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL Import Feature due to insufficient validation of administrator provided data. A rogue administrator could inject malicious code when importing images, leading to the execution of the malicious code on the website user’s browser. The Concrete CMS Security team scored this 2 with CVSS v3 vector AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N. This does not affect Concrete versions prior to version 9. Concrete CMS en la versión 9 anterior a la 9.2.5 es vulnerable al XSS reflejado a través de la función de importación de URL de imagen debido a una validación insuficiente de los datos proporcionados por el administrador. • https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1247 – Concrete CMS version 9 before 9.2.5 vulnerable to stored XSS via the Role Name field
https://notcve.org/view.php?id=CVE-2024-1247
Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS via the Role Name field since there is insufficient validation of administrator provided data for that field. A rogue administrator could inject malicious code into the Role Name field which might be executed when users visit the affected page. The Concrete CMS Security team scored this 2 with CVSS v3 vector AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator . Concrete versions below 9 do not include group types so they are not affected by this vulnerability. La versión 9 de Concrete CMS anterior a la 9.2.5 es vulnerable al XSS almacenado a través del campo Role Name, ya que no hay validación suficiente de los datos proporcionados por el administrador para ese campo. • https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48652
https://notcve.org/view.php?id=CVE-2023-48652
Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) via /ccm/system/dialogs/logs/delete_all/submit. An attacker can force an admin user to delete server report logs on a web application to which they are currently authenticated. Concrete CMS 9 anterior a 9.2.3 es vulnerable a Cross Site Request Forgery (CSRF) a través de /ccm/system/dialogs/logs/delete_all/submit. Un atacante puede obligar a un usuario administrador a eliminar los registros de informes del servidor en una aplicación web en la que está actualmente autenticado. • https://documentation.concretecms.org/developers/introduction/version-history/923-release-notes https://www.concretecms.org/about/project-news/security/2023-12-05-concrete-cms-new-cves-and-cve-updates • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-48648
https://notcve.org/view.php?id=CVE-2023-48648
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions (such as the Mkdir() function) gives universal access (0777) to created folders by default. Excessive permissions can be granted when creating a directory with permissions greater than 0755 or when the permissions argument is not specified. Concrete CMS anterior a 8.5.13 y 9.x anterior a 9.2.2 permite el acceso no autorizado porque se pueden crear directorios con permisos inseguros. Las funciones de creación de archivos (como la función Mkdir()) brindan acceso universal (0777) a las carpetas creadas de forma predeterminada. • https://documentation.concretecms.org/developers/introduction/version-history/8513-release-notes https://documentation.concretecms.org/developers/introduction/version-history/922-release-notes https://www.concretecms.org/about/project-news/security/2023-11-09-security-blog-about-updated-cves-and-new-release • CWE-276: Incorrect Default Permissions •