{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-3178","assignerOrgId":"ff5b8ace-8b95-4078-9743-eac1ca5451de","state":"PUBLISHED","assignerShortName":"ConcreteCMS","dateReserved":"2024-04-02T04:58:32.533Z","datePublished":"2024-04-03T18:31:42.467Z","dateUpdated":"2024-08-30T21:19:41.699Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Concrete CMS","repo":"https://github.com/concretecms/concretecms","vendor":"Concrete CMS","versions":[{"lessThan":"9.2.8","status":"affected","version":"9.0.0","versionType":"git"},{"lessThan":"8.5.16","status":"affected","version":"5.0.0","versionType":"git"}]}],"credits":[{"lang":"en","type":"finder","value":"javakhishvili"}],"datePublic":"2024-04-03T18:28:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<b><span style=\"background-color: transparent;\">Concrete CMS versions 9 below 9.2.8 and versions below&nbsp;<b><span style=\"background-color: transparent;\">8.5.16 are vulnerable to&nbsp;<b><span style=\"background-color: rgb(255, 255, 255);\">Cross-site Scripting (XSS) in the Advanced File Search Filter.&nbsp;</span></b></span></b></span></b>Prior to the fix, a rogue administrator could add malicious code in the file manager because of insufficient validation of administrator provided data. All administrators have access to the File Manager and hence could create a search filter with the malicious code attached. The Concrete CMS security team gave this vulnerability a CVSS v3.1 score of 3.1 with a vector of <a target=\"_blank\" rel=\"nofollow\" href=\"https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L&amp;version=3.1\">AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L</a><span style=\"background-color: transparent;\">.&nbsp;&nbsp;</span><b><span style=\"background-color: transparent;\"><b><span style=\"background-color: transparent;\"><b><span style=\"background-color: rgb(255, 255, 255);\"><br><b><br></b></span></b></span></b></span></b><br>"}],"value":"Concrete CMS versions 9 below 9.2.8 and versions below 8.5.16 are vulnerable to Cross-site Scripting (XSS) in the Advanced File Search Filter. Prior to the fix, a rogue administrator could add malicious code in the file manager because of insufficient validation of administrator provided data. All administrators have access to the File Manager and hence could create a search filter with the malicious code attached. The Concrete CMS security team gave this vulnerability a CVSS v3.1 score of 3.1 with a vector of  AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator ."}],"impacts":[{"capecId":"CAPEC-592","descriptions":[{"lang":"en","value":"CAPEC-592 Stored XSS"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":3.1,"baseSeverity":"LOW","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-79","description":"CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"ff5b8ace-8b95-4078-9743-eac1ca5451de","shortName":"ConcreteCMS","dateUpdated":"2024-08-30T21:19:41.699Z"},"references":[{"url":"https://documentation.concretecms.org/developers/introduction/version-history/8516-release-notes?_gl=1*1oa3zn1*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY3MDcuMC4wLjA."},{"url":"https://documentation.concretecms.org/9-x/developers/introduction/version-history/928-release-notes?_gl=1*1bcxp5s*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY2ODEuMC4wLjA."}],"source":{"advisory":"https://hackerone.com/reports/949443","discovery":"EXTERNAL"},"title":"Concrete CMS versions 9 below 9.2.8 and versions below 8.5.16 are vulnerable to Cross-site Scripting (XSS) in the Advanced File Search Filter","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-3178","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-04-03T19:59:20.752671Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-05T17:22:09.979Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T20:05:08.269Z"},"title":"CVE Program Container","references":[{"url":"https://documentation.concretecms.org/developers/introduction/version-history/8516-release-notes?_gl=1*1oa3zn1*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY3MDcuMC4wLjA.","tags":["x_transferred"]},{"url":"https://documentation.concretecms.org/9-x/developers/introduction/version-history/928-release-notes?_gl=1*1bcxp5s*_ga*MTc1NDc0Njk2Mi4xNzA2ODI4MDU1*_ga_HFB3HPNNLS*MTcxMjE2NjYyNi4xMy4xLjE3MTIxNjY2ODEuMC4wLjA.","tags":["x_transferred"]}]}]}}