CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-32735 – Cross-site scripting (XSS) from field and configuration text displayed in the Panel
https://notcve.org/view.php?id=CVE-2021-32735
Kirby is a content management system. In Kirby CMS versions 3.5.5 and 3.5.6, the Panel's `ListItem` component (used in the pages and files section for example) displayed HTML in page titles as it is. This could be used for cross-site scripting (XSS) attacks. Malicious authenticated Panel users can escalate their privileges if they get access to the Panel session of an admin user. Visitors without Panel access can use the attack vector if the site allows changing site data from a frontend form. • https://github.com/getkirby/kirby/releases/tag/3.5.7 https://github.com/getkirby/kirby/security/advisories/GHSA-2f2w-349x-vrqm • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 7.6EPSS: 1%CPEs: 1EXPL: 3CVE-2021-29460 – Cross-site scripting (XSS) from unsanitized uploaded SVG files
https://notcve.org/view.php?id=CVE-2021-29460
Kirby is an open source CMS. An editor with write access to the Kirby Panel can upload an SVG file that contains harmful content like `<script>` tags. The direct link to that file can be sent to other users or visitors of the site. If the victim opens that link in a browser where they are logged in to Kirby, the script will run and can for example trigger requests to Kirby's API with the permissions of the victim. This vulnerability is critical if you might have potential attackers in your group of authenticated Panel users, as they can escalate their privileges if they get access to the Panel session of an admin user. • https://www.exploit-db.com/exploits/49808 http://packetstormsecurity.com/files/162359/Kirby-CMS-3.5.3.1-Cross-Site-Scripting.html https://github.com/getkirby/kirby/releases/tag/3.5.4 https://github.com/getkirby/kirby/security/advisories/GHSA-qgp4-5qx6-548g • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •