Vendor: OpenCMS
By: Siddhartha Naik
CVSS: 6.1 HIGH
CWE: 79 (Stored Cross Site Scripting (XSS))
Product Name: OpenCMS
Affected Version From: 17
Affected Version To: 17
Patch Exists: NO
Related CWE: CVE-2024-41447
CPE: a:alkacon_software:opencms:17.0
Metasploit:
Other Scripts:
Platforms Tested: Windows 11
2024

OpenCMS 17.0 – Stored Cross Site Scripting (XSS)

A Stored Cross Site Scripting (XSS) vulnerability exists in OpenCMS 17.0 in the author field used when publishing an article. By placing a malicious script in the author field, an attacker can have arbitrary scripts execute in the browsers of users who click the 'Read More' button, potentially leading to unauthorized actions.

Mitigation:

Upgrade to the latest version of OpenCMS to mitigate this vulnerability.
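
The flaw described above is a stored value rendered without output encoding. The following is an added example, not part of the original advisory and not OpenCms code: it shows the unsafe rendering pattern beside an encoded one, plus an allowlist check for auditing author values that are already stored. The article shape and all function names are hypothetical, and the sample records are constructed.

```javascript
// Added example, not OpenCms code. The article shape ({ id, author }) and all
// function names are hypothetical; the sample records are constructed.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five HTML-significant characters for element or quoted-attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the stored author value is concatenated into markup as-is,
// so any tags it contains become part of the detail page.
function renderAuthorUnsafe(article) {
  return `<span class="author">${article.author}</span>`;
}

// Hardened pattern: encode at output time, whatever was stored.
function renderAuthorSafe(article) {
  return `<span class="author">${escapeHtml(article.author)}</span>`;
}

// Allowlist for a person's name: letters, combining marks, digits, spaces and
// a few punctuation characters, 1 to 100 characters long.
const AUTHOR_PATTERN = /^[\p{L}\p{M}\p{N} .,'&()-]{1,100}$/u;

function isValidAuthor(value) {
  return typeof value === 'string' && AUTHOR_PATTERN.test(value);
}

// Audit already-stored articles: return ids whose author fails the allowlist.
function auditAuthors(articles) {
  return articles.filter((a) => !isValidAuthor(a.author)).map((a) => a.id);
}

// Constructed sample records; a3 holds the proof-of-concept value from the advisory.
const SAMPLE_ARTICLES = [
  { id: 'a1', author: "Jane O'Brien" },
  { id: 'a2', author: 'Smith & Jones' },
  { id: 'a3', author: '<script>alert(1)</script>' },
];

console.log(auditAuthors(SAMPLE_ARTICLES));
console.log(renderAuthorSafe(SAMPLE_ARTICLES[2]));
```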

Exploit-DB raw data:

# Exploit Title: OpenCMS 17.0 - Stored Cross Site Scripting (XSS)
# Date: 24-11-2024
# Exploit Author: Siddhartha Naik
# Vendor Homepage: http://www.opencms.org/en/
# Software Link: http://www.opencms.org/en/modules/downloads/begindownload.html?id=dade528f-ec17-11ee-ab97-7fde8b0295e1
# Affected Version: 17.0
# Category: WebApps
# Tested on: Windows 11
# CVE : CVE-2024-41447

1. Vendor Description:

OpenCms from Alkacon Software is a professional, easy to use website
content management system. OpenCms helps content managers worldwide to
create and maintain beautiful websites fast and efficiently.

2. Technical Description:

This is a Stored XSS vulnerability in the author field seen when publishing an article.
This vulnerability has been tested on the latest versions of the Brave and Firefox browsers.
It is believed to affect any user who clicks on the "Read More" button of the affected article and
can be exploited by any user who is able to modify/create articles.

3. Proof Of Concept:

a)  Start by creating a new article. In the author field write your script like so:

<script>alert(1)</script>

b)  Save and publish the article
c)  The user who clicks on the read more button gets a popup saying '1' 

4. Solution:

Upgrade to latest release.
http://www.opencms.org/en/home/news.html

5. Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41447            
https://github.com/Sidd545-cr/CVE/blob/main/CVE-2024-41447%20-%20Stored%20XSS%20in%20author%20field.pdf
http://alkacon.com
http://opencms.com