CVE-2023-44766

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-44766
A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings. NOTE: the vendor disputes this because this SEO-related header change can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature.

4.8 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.7 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://github.com/sromanhu/ConcreteCMS-Stored-XSS---SEO Exploit
https://www.concretecms.org/about/project-news/security/security-advisory-2023-10-31-concrete-cms-rejects-cve-2023-44760-and-cve-2023-44766 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:concretecms:concrete_cms:9.2.1:*:*:*:*:*:*:*
History

21 Dec 2023, 01:33

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.4 		v2 : unknown
v3 : 4.8
References () https://www.concretecms.org/about/project-news/security/security-advisory-2023-10-31-concrete-cms-rejects-cve-2023-44760-and-cve-2023-44766 - () https://www.concretecms.org/about/project-news/security/security-advisory-2023-10-31-concrete-cms-rejects-cve-2023-44760-and-cve-2023-44766 - Third Party Advisory

15 Nov 2023, 22:15

Type Values Removed Values Added
Summary A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings. A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings. NOTE: the vendor disputes this because this SEO-related header change can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature.
References
  • () https://www.concretecms.org/about/project-news/security/security-advisory-2023-10-31-concrete-cms-rejects-cve-2023-44760-and-cve-2023-44766 -

06 Oct 2023, 19:06

Type Values Removed Values Added
References (MISC) https://github.com/sromanhu/ConcreteCMS-Stored-XSS---SEO - (MISC) https://github.com/sromanhu/ConcreteCMS-Stored-XSS---SEO - Exploit
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.4
First Time Concretecms
Concretecms concrete Cms
CPE cpe:2.3:a:concretecms:concrete_cms:9.2.1:*:*:*:*:*:*:*
CWE CWE-79

06 Oct 2023, 13:17

Type Values Removed Values Added
New CVE
Information

Published : 2023-10-06 13:15

Updated : 2024-04-11 01:21

NVD link : CVE-2023-44766

Mitre link : CVE-2023-44766

CVE.ORG link : CVE-2023-44766

JSON object : View

Products Affected

concretecms

  • concrete_cms
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')