Concretecms: >> Concrete Cms >> 5.7.2.1 Security Vulnerabilities
Concrete CMS version 9 before 9.2.8 and previous versions prior to 8.5.16 is vulnerable to Stored XSS on the calendar color settings screen since Information input by the user is output without escaping. A rogue administrator could inject malicious javascript into the Calendar Color Settings screen which might be executed when users visit the affected page. The Concrete CMS security team gave this vulnerability a CVSS v3.1 score of 2.0 with a vector of AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N&version=3.1 https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator
Thank you Rikuto Tauchi for reporting
CVSS Score
2.0
EPSS Score
0.002
Published
2024-04-03
Concrete CMS before 8.5.14 and 9 before 9.2.3 is vulnerable to an admin adding a stored XSS payload via the Layout Preset name.
CVSS Score
4.8
EPSS Score
0.011
Published
2024-02-29
Concrete CMS before 8.5.14 and 9 before 9.2.3 allows Cross Site Request Forgery (CSRF) via ccm/calendar/dialogs/event/delete/submit. An attacker can force an admin to delete events on the site because the event ID is numeric and sequential.
CVSS Score
4.3
EPSS Score
0.006
Published
2024-02-29
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions (such as the Mkdir() function) gives universal access (0777) to created folders by default. Excessive permissions can be granted when creating a directory with permissions greater than 0755 or when the permissions argument is not specified.
CVSS Score
9.8
EPSS Score
0.007
Published
2023-11-17
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows stored XSS on the Admin page via an uploaded file name.
CVSS Score
3.5
EPSS Score
0.013
Published
2023-11-17
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS via a container name.
CVSS Score
5.4
EPSS Score
0.01
Published
2023-04-28
Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 does not have Secure and HTTP only attributes set for ccmPoll cookies.
CVSS Score
5.3
EPSS Score
0.003
Published
2023-04-28
Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to possible Auth bypass in the jobs section.
CVSS Score
3.3
EPSS Score
0.001
Published
2023-04-28
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Saved Presets on search.
CVSS Score
5.4
EPSS Score
0.01
Published
2023-04-28
Concrete CMS (previously concrete5) versions 8.5.12 and below, and versions 9.0 through 9.1.3 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized.
CVSS Score
6.1
EPSS Score
0.004
Published
2023-04-28