CVE-2023-28820

Concrete CMS (previously concrete5) before 9.1 is vulnerable to stored XSS in RSS Displayer via the href attribute because the link element input was not sanitized.

CVSS v3 2.0 LOW

2.0^/10

CVSS v3 : LOW

Vector :

Exploitability : 0.5 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/concretecms/concretecms/releases	Release Notes
https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20	Vendor Advisory
https://github.com/concretecms/concretecms/releases	Release Notes
https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:56

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~5.4~~	v2 : unknown v3 : 2.0
References	~~() https://github.com/concretecms/concretecms/releases - Release Notes~~	() https://github.com/concretecms/concretecms/releases - Release Notes
References	~~() https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20 - Vendor Advisory~~	() https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20 - Vendor Advisory

Information

Published : 2023-04-28 14:15

Updated : 2024-11-21 07:56

NVD link : CVE-2023-28820

Mitre link : CVE-2023-28820

CVE.ORG link : CVE-2023-28820

JSON object : View

Products Affected

concretecms

concrete_cms

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2023-28820", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.0, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 0.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2023-04-28T14:15:10.703", "references": [{"url": "https://github.com/concretecms/concretecms/releases", "tags": ["Release Notes"], "source": "cve@mitre.org"}, {"url": "https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/concretecms/concretecms/releases", "tags": ["Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Concrete CMS (previously concrete5) before 9.1 is vulnerable to stored XSS in RSS Displayer via the href attribute because the link element input was not sanitized."}], "lastModified": "2024-11-21T07:56:04.757", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6D15F6B-68AA-45B6-B98D-F2C1671263F2", "versionEndExcluding": "9.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}