Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature. Also, the exploitation method claimed by "sromanhu" does not provide any access to a Concrete CMS session, because the Concrete CMS session cookie is configured as HttpOnly.
References
Link | Resource |
---|---|
https://github.com/sromanhu/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes/issues/1 | Issue Tracking |
https://github.com/sromanhu/ConcreteCMS-Stored-XSS---TrackingCodes | Exploit Third Party Advisory |
https://www.concretecms.org/about/project-news/security/security-advisory-2023-10-31-concrete-cms-rejects-cve-2023-44760-and-cve-2023-44766 | Third Party Advisory |
https://github.com/sromanhu/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes/issues/1 | Issue Tracking |
https://github.com/sromanhu/ConcreteCMS-Stored-XSS---TrackingCodes | Exploit Third Party Advisory |
https://www.concretecms.org/about/project-news/security/security-advisory-2023-10-31-concrete-cms-rejects-cve-2023-44760-and-cve-2023-44766 | Third Party Advisory |
Configurations
History
21 Nov 2024, 08:26
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/sromanhu/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes/issues/1 - Issue Tracking | |
References | () https://github.com/sromanhu/ConcreteCMS-Stored-XSS---TrackingCodes - Exploit, Third Party Advisory | |
References | () https://www.concretecms.org/about/project-news/security/security-advisory-2023-10-31-concrete-cms-rejects-cve-2023-44760-and-cve-2023-44766 - Third Party Advisory |
21 Jan 2024, 02:25
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.8 |
References | () https://github.com/sromanhu/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes/issues/1 - Issue Tracking | |
References | () https://www.concretecms.org/about/project-news/security/security-advisory-2023-10-31-concrete-cms-rejects-cve-2023-44760-and-cve-2023-44766 - Third Party Advisory |
15 Nov 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature. Also, the exploitation method claimed by "sromanhu" does not provide any access to a Concrete CMS session, because the Concrete CMS session cookie is configured as HttpOnly. | |
References |
|
30 Oct 2023, 11:36
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 | |
First Time |
Concretecms
Concretecms concrete Cms |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
References | (MISC) https://github.com/sromanhu/ConcreteCMS-Stored-XSS---TrackingCodes - Exploit, Third Party Advisory | |
CPE | cpe:2.3:a:concretecms:concrete_cms:9.2.1:*:*:*:*:*:*:* |
23 Oct 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-23 22:15
Updated : 2024-11-21 08:26
NVD link : CVE-2023-44760
Mitre link : CVE-2023-44760
CVE.ORG link : CVE-2023-44760
JSON object : View
Products Affected
concretecms
- concrete_cms
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')