{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1245", "assignerOrgId": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "state": "PUBLISHED", "assignerShortName": "ConcreteCMS", "dateReserved": "2024-02-06T00:50:41.232Z", "datePublished": "2024-02-09T19:43:58.153Z", "dateUpdated": "2024-08-19T16:13:40.880Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Concrete CMS ", "repo": "https://github.com/concretecms/concretecms", "vendor": "Concrete CMS", "versions": [{"lessThan": "9.2.5", "status": "affected", "version": "9.0.0", "versionType": "patch"}]}], "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Poto Gabor"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(239, 250, 102);\">Concrete CMS&nbsp;version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator entered file attributes are not sufficiently sanitized in the Edit Attributes page. A rogue administrator could put malicious code into the file tags or description attributes and, when another administrator opens the same file for editing, the malicious code could execute. The Concrete CMS Security team scored this 2.4 with CVSS v3 vector AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N.</span> <br>"}], "value": "Concrete CMS\u00a0version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator entered file attributes are not sufficiently sanitized in the Edit Attributes page. A rogue administrator could put malicious code into the file tags or description attributes and, when another administrator opens the same file for editing, the malicious code could execute. The Concrete CMS Security team scored this 2.4 with CVSS v3 vector AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N. \n"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.4, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "shortName": "ConcreteCMS", "dateUpdated": "2024-02-09T22:00:47.749Z"}, "references": [{"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes"}, {"url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory"}], "source": {"advisory": "Hackerone 2309264", "discovery": "EXTERNAL"}, "title": "Concrete CMS\u00a0version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:33:25.326Z"}, "title": "CVE Program Container", "references": [{"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes", "tags": ["x_transferred"]}, {"url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-19T16:13:24.461715Z", "id": "CVE-2024-1245", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-19T16:13:40.880Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes", "tags": ["x_transferred"]}, {"url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:33:25.326Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1245", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-19T16:13:24.461715Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-19T16:13:36.094Z"}}], "cna": {"title": "Concrete CMS\u00a0version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes", "source": {"advisory": "Hackerone 2309264", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Poto Gabor"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.4, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/concretecms/concretecms", "vendor": "Concrete CMS", "product": "Concrete CMS ", "versions": [{"status": "affected", "version": "9.0.0", "lessThan": "9.2.5", "versionType": "patch"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes"}, {"url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Concrete CMS\u00a0version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator entered file attributes are not sufficiently sanitized in the Edit Attributes page. A rogue administrator could put malicious code into the file tags or description attributes and, when another administrator opens the same file for editing, the malicious code could execute. The Concrete CMS Security team scored this 2.4 with CVSS v3 vector AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N. \n", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(239, 250, 102);\">Concrete CMS&nbsp;version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator entered file attributes are not sufficiently sanitized in the Edit Attributes page. A rogue administrator could put malicious code into the file tags or description attributes and, when another administrator opens the same file for editing, the malicious code could execute. The Concrete CMS Security team scored this 2.4 with CVSS v3 vector AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N.</span> <br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "shortName": "ConcreteCMS", "dateUpdated": "2024-02-09T22:00:47.749Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1245", "state": "PUBLISHED", "dateUpdated": "2024-08-19T16:13:40.880Z", "dateReserved": "2024-02-06T00:50:41.232Z", "assignerOrgId": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "datePublished": "2024-02-09T19:43:58.153Z", "assignerShortName": "ConcreteCMS"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B4CD16D-4D2C-45DC-ACAC-E107A4909305", "versionEndExcluding": "9.2.5", "versionStartIncluding": "9.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Concrete CMS\u00a0version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator entered file attributes are not sufficiently sanitized in the Edit Attributes page. A rogue administrator could put malicious code into the file tags or description attributes and, when another administrator opens the same file for editing, the malicious code could execute. The Concrete CMS Security team scored this 2.4 with CVSS v3 vector AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N. \n"}, {"lang": "es", "value": "La versi\u00f3n 9 de Concrete CMS anterior a la 9.2.5 es vulnerable a XSS almacenado en etiquetas de archivos y atributos de descripci\u00f3n, ya que los atributos de archivo ingresados por el administrador no est\u00e1n suficientemente sanitizados en la p\u00e1gina Edit Attributes. Un administrador deshonesto podr\u00eda colocar c\u00f3digo malicioso en las etiquetas del archivo o en los atributos de descripci\u00f3n y, cuando otro administrador abra el mismo archivo para editarlo, el c\u00f3digo malicioso podr\u00eda ejecutarse. El equipo de seguridad de Concrete CMS obtuvo una puntuaci\u00f3n de 2,4 con el vector CVSS v3 AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N."}], "id": "CVE-2024-1245", "lastModified": "2024-02-15T04:44:27.987", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.4, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 1.4, "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "type": "Secondary"}]}, "published": "2024-02-09T20:15:54.370", "references": [{"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes"}, {"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "tags": ["Vendor Advisory"], "url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory"}], "sourceIdentifier": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "type": "Secondary"}]}

{}