{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1247", "assignerOrgId": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "state": "PUBLISHED", "assignerShortName": "ConcreteCMS", "dateReserved": "2024-02-06T00:51:01.240Z", "datePublished": "2024-02-09T18:58:24.672Z", "dateUpdated": "2024-08-01T18:33:25.343Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Concrete CMS", "repo": "https://github.com/concretecms/concretecms", "vendor": "Concrete CMS", "versions": [{"lessThan": "9.2.5", "status": "affected", "version": "9.0.0", "versionType": "patch"}]}], "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "cupc4k3"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Concrete CMS <span style=\"background-color: rgb(246, 246, 246);\">version 9 before 9.2.5 is vulnerable to&nbsp;</span>&nbsp;s<span style=\"background-color: rgb(246, 246, 246);\">tored XSS via the Role Name field since there is insufficient validation of administrator provided data for that field.&nbsp;<span style=\"background-color: rgb(246, 246, 246);\">A rogue administrator could inject malicious code into the Role Name field which might be executed when users visit the affected page. The Concrete CMS Security team scored this 2 with CVSS v3 vector </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N&amp;version=3.1\">AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N</a><span style=\"background-color: rgb(246, 246, 246);\">. Concrete versions below 9 do not include group types so they are not affected by this vulnerability. </span></span><br>"}], "value": "Concrete CMS version 9 before 9.2.5 is vulnerable to\u00a0\u00a0stored XSS via the Role Name field since there is insufficient validation of administrator provided data for that field.\u00a0A rogue administrator could inject malicious code into the Role Name field which might be executed when users visit the affected page. The Concrete CMS Security team scored this 2 with CVSS v3 vector  AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator . Concrete versions below 9 do not include group types so they are not affected by this vulnerability. \n"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "shortName": "ConcreteCMS", "dateUpdated": "2024-02-09T19:49:26.781Z"}, "references": [{"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes"}, {"url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory"}], "source": {"advisory": "Hackerone 2337519", "discovery": "EXTERNAL"}, "title": "Concrete CMS version 9 before 9.2.5 vulnerable to stored XSS via the Role Name field", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1247", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-12T17:30:29.586336Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T17:20:51.875Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:33:25.343Z"}, "title": "CVE Program Container", "references": [{"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes", "tags": ["x_transferred"]}, {"url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes", "tags": ["x_transferred"]}, {"url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:33:25.343Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1247", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-12T17:30:29.586336Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:37.081Z"}}], "cna": {"title": "Concrete CMS version 9 before 9.2.5 vulnerable to stored XSS via the Role Name field", "source": {"advisory": "Hackerone 2337519", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "cupc4k3"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/concretecms/concretecms", "vendor": "Concrete CMS", "product": "Concrete CMS", "versions": [{"status": "affected", "version": "9.0.0", "lessThan": "9.2.5", "versionType": "patch"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes"}, {"url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Concrete CMS version 9 before 9.2.5 is vulnerable to\u00a0\u00a0stored XSS via the Role Name field since there is insufficient validation of administrator provided data for that field.\u00a0A rogue administrator could inject malicious code into the Role Name field which might be executed when users visit the affected page. The Concrete CMS Security team scored this 2 with CVSS v3 vector  AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator . Concrete versions below 9 do not include group types so they are not affected by this vulnerability. \n", "supportingMedia": [{"type": "text/html", "value": "Concrete CMS <span style=\"background-color: rgb(246, 246, 246);\">version 9 before 9.2.5 is vulnerable to&nbsp;</span>&nbsp;s<span style=\"background-color: rgb(246, 246, 246);\">tored XSS via the Role Name field since there is insufficient validation of administrator provided data for that field.&nbsp;<span style=\"background-color: rgb(246, 246, 246);\">A rogue administrator could inject malicious code into the Role Name field which might be executed when users visit the affected page. The Concrete CMS Security team scored this 2 with CVSS v3 vector </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N&amp;version=3.1\">AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N</a><span style=\"background-color: rgb(246, 246, 246);\">. Concrete versions below 9 do not include group types so they are not affected by this vulnerability. </span></span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "shortName": "ConcreteCMS", "dateUpdated": "2024-02-09T19:49:26.781Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1247", "state": "PUBLISHED", "dateUpdated": "2024-08-01T18:33:25.343Z", "dateReserved": "2024-02-06T00:51:01.240Z", "assignerOrgId": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "datePublished": "2024-02-09T18:58:24.672Z", "assignerShortName": "ConcreteCMS"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B4CD16D-4D2C-45DC-ACAC-E107A4909305", "versionEndExcluding": "9.2.5", "versionStartIncluding": "9.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Concrete CMS version 9 before 9.2.5 is vulnerable to\u00a0\u00a0stored XSS via the Role Name field since there is insufficient validation of administrator provided data for that field.\u00a0A rogue administrator could inject malicious code into the Role Name field which might be executed when users visit the affected page. The Concrete CMS Security team scored this 2 with CVSS v3 vector  AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator . Concrete versions below 9 do not include group types so they are not affected by this vulnerability. \n"}, {"lang": "es", "value": "La versi\u00f3n 9 de Concrete CMS anterior a la 9.2.5 es vulnerable al XSS almacenado a trav\u00e9s del campo Role Name, ya que no hay validaci\u00f3n suficiente de los datos proporcionados por el administrador para ese campo. Un administrador deshonesto podr\u00eda inyectar c\u00f3digo malicioso en el campo Role Name que podr\u00eda ejecutarse cuando los usuarios visitan la p\u00e1gina afectada. El equipo de seguridad de Concrete CMS obtuvo este 2 con el vector CVSS v3 vector AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator. Las versiones concretas inferiores a 9 no incluyen tipos de grupos, por lo que no se ven afectados por esta vulnerabilidad."}], "id": "CVE-2024-1247", "lastModified": "2024-11-21T08:50:09.013", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.0, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 1.4, "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-09T19:15:24.183", "references": [{"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes"}, {"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "tags": ["Vendor Advisory"], "url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/925-release-notes"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.concretecms.org/about/project-news/security/2024-02-04-security-advisory"}], "sourceIdentifier": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}