Concrete5 is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input.
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
Concrete5 8.1.0 is vulnerable; other versions may also be affected.
Information
Bugtraq ID: 97649
Class: Input Validation Error
CVE: CVE-2017-7725
Remote: Yes
Local: No
Published: Apr 12 2017 12:00AM
Updated: Apr 14 2017 05:05PM
Credit: Ryan Tyler (rtyler)
Vulnerable: concrete5 concrete5 8.1.0
Not Vulnerable:
Exploit
An attacker can exploit this issue using a web browser.
References:
- Concrete5 Homepage (Portland Labs)
- Full Page Caching Stored XSS Vulnerability (Hackerone)
- Use relative urls when the canonical url isn't set (Concrete5)