CVE-2024-3178

Concrete CMS versions 9 below 9.2.8 and versions below 8.5.16 are vulnerable to Cross-site Scripting (XSS) in the Advanced File Search Filter

Severity Score

3.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

Concrete CMS versions 9 below 9.2.8 and versions below 8.5.16 are vulnerable to Cross-site Scripting (XSS) in the Advanced File Search Filter. Prior to the fix, a rogue administrator could add malicious code in the file manager because of insufficient validation of administrator provided data. All administrators have access to the File Manager and hence could create a search filter with the malicious code attached. The Concrete CMS security team gave this vulnerability a CVSS v3.1 score of 3.1 with a vector of AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator .

Las versiones 9 de Concrete CMS inferiores a 9.2.8 y las versiones inferiores a 8.5.16 son vulnerables a Cross-site Scripting (XSS) en el filtro de búsqueda avanzada de archivos. Antes de la solución, un administrador deshonesto podía agregar código malicioso en el administrador de archivos debido a una validación insuficiente de los datos proporcionados por el administrador. Todos los administradores tienen acceso al Administrador de archivos y, por lo tanto, pueden crear un filtro de búsqueda con el código malicioso adjunto. El equipo de seguridad de Concrete CMS le dio a esta vulnerabilidad una puntuación CVSS v3.1 de 3.1 con un vector de AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A: L https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator.

*Credits: javakhishvili

CVSS Scores

ConcreteCMSv3.1 3.1

Attack Vector

Network

Attack Complexity

High

Privileges Required

High

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

Low

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-04-02 CVE Reserved
2024-04-03 CVE Published
2024-04-04 EPSS Updated
2024-08-30 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

CAPEC-592: Stored XSS

References (2)

URL	Tag	Source
https://documentation.concretecms.org/9-x/developers/introduction/version-history/928-release-notes?_gl=11bcxp5s_gaMTc1NDc0Njk2Mi4xNzA2ODI4MDU1_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY2ODEuMC4wLjA.
https://documentation.concretecms.org/developers/introduction/version-history/8516-release-notes?_gl=11oa3zn1_gaMTc1NDc0Njk2Mi4xNzA2ODI4MDU1_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY3MDcuMC4wLjA.

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Concrete CMS Search vendor "Concrete CMS"		Concrete CMS Search vendor "Concrete CMS" for product "Concrete CMS"				>= 9.0.0 < 9.2.8 Search vendor "Concrete CMS" for product "Concrete CMS" and version " >= 9.0.0 < 9.2.8"		en		Affected
Concrete CMS Search vendor "Concrete CMS"		Concrete CMS Search vendor "Concrete CMS" for product "Concrete CMS"				>= 5.0.0 < 8.5.16 Search vendor "Concrete CMS" for product "Concrete CMS" and version " >= 5.0.0 < 8.5.16"		en		Affected