header-logo
Suggest Exploit
vendor:
Concrete5
by:
Quadron Research Lab
4.8
CVSS
MEDIUM
Stored XSS
79
CWE
Product Name: Concrete5
Affected Version From: 8.5.4
Affected Version To: 8.5.4
Patch Exists: YES
Related CWE: CVE-2021-3111
CPE: a:concrete5:concrete5:8.5.4
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10 x64 HUN/ENG Professional
2021

Concrete5 8.5.4 – ‘name’ Stored XSS

The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI.

Mitigation:

Input validation should be used to prevent XSS attacks.
Source

Exploit-DB raw data:

# Exploit Title: Concrete5 8.5.4 - 'name' Stored XSS
# Date: 2021-01 
# Exploit Author: Quadron Research Lab
# Version: Concrete5 8.5.4 
# Tested on: Windows 10 x64 HUN/ENG Professional
# Vendor: Concrete5 CMS (https://www.concrete5.org)
# CVE: CVE-2021-3111

[Suggested description]
The Express Entries Dashboard inConcrete5 8.5.4 allows stored XSS via the name field of a new data object at anindex.php/dashboard/express/entries/view/ URI.

[Attack Vectors]
Creating a new data object, the name field is not filtered.  It is possible to place JavaScript code. [Stored XSS]

Proof of Concept
https://github.com/Quadron-Research-Lab/CVE/blob/main/CVE-2021-3111.pdf

Navigation

Suggest Exploit

Services By CQR