Vulnerability Description
Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature. Also, the exploitation method claimed by "sromanhu" does not provide any access to a Concrete CMS session, because the Concrete CMS session cookie is configured as HttpOnly.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Concretecms | Concrete Cms | 9.2.1 |
Related Weaknesses (CWE)
References
- https://github.com/sromanhu/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodeIssue Tracking
- https://github.com/sromanhu/ConcreteCMS-Stored-XSS---TrackingCodesExploitThird Party Advisory
- https://www.concretecms.org/about/project-news/security/security-advisory-2023-1Third Party Advisory
- https://github.com/sromanhu/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodeIssue Tracking
- https://github.com/sromanhu/ConcreteCMS-Stored-XSS---TrackingCodesExploitThird Party Advisory
- https://www.concretecms.org/about/project-news/security/security-advisory-2023-1Third Party Advisory
FAQ
What is CVE-2023-44760?
CVE-2023-44760 is a vulnerability with a CVSS score of 4.8 (MEDIUM). Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statis...
How severe is CVE-2023-44760?
CVE-2023-44760 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-44760?
Check the references section above for vendor advisories and patch information. Affected products include: Concretecms Concrete Cms.