
CVE-2021-25968
Date: October 19, 2021
Overview
“OpenCMS” versions 10.5.0 to 11.0.2 are affected by a stored XSS vulnerability that allows low-privileged application users to store malicious scripts in the Sitemap functionality. These scripts are executed in a victim’s browser when they open the page containing the vulnerable field.
Details
“OpenCMS” is affected by a stored XSS vulnerability that allows low-privileged application users to store malicious scripts in the Sitemap functionality. These scripts are executed in a victim’s browser when they open the page containing the vulnerable field.
PoC Details
Log in to the application as Editor, which is a low-privileged user. Go to the Tutorial section in the sitemap and double-click any of the page titles. Insert the malicious payload given below and click outside the field to save the changes.
Then log in as an administrator user and the payload will be triggered. Now go to the Tutorial section and the payload will be triggered again.
PoC Code
<script>alert("XSS")</script>
Affected Environments
OpenCMS versions 10.5.0 to 11.0.2
Prevention
Update package to org.opencms:opencms-core version 12.0.
Update repo to version build_12_0_0
Language: Java
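The flaw class described above, a stored page title reaching the browser unencoded, shown next to an output-encoded rendering. This is an added illustration in JavaScript, not OpenCMS code or its patch; the entry shape, the function names and the sample sitemap are assumptions constructed for the example.

```javascript
// Added illustration; not OpenCMS code. Entry fields and function names are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode text for use in an HTML element body or a quoted attribute value.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the stored title is concatenated into markup unchanged,
// so a title saved by a low-privileged editor is parsed as HTML by every viewer.
function renderEntryUnsafe(entry) {
  return '<li data-path="' + entry.path + '">' + entry.title + '</li>';
}

// Hardened pattern: every stored field is encoded at the point of output.
function renderEntrySafe(entry) {
  return '<li data-path="' + escapeHtml(entry.path) + '">' + escapeHtml(entry.title) + '</li>';
}

// Review aid: list stored titles containing markup-significant characters so
// they can be inspected by hand. A plain ampersand is not flagged.
function auditTitles(entries) {
  return entries
    .filter((e) => /[<>"']/.test(e.title))
    .map((e) => ({ path: e.path, title: e.title, lastEditedBy: e.lastEditedBy }));
}

// Constructed sample data; the second title is the PoC string from this page.
const SAMPLE_SITEMAP = [
  { path: '/tutorial/', title: 'Tutorial', lastEditedBy: 'Admin' },
  { path: '/tutorial/intro/', title: '<script>alert("XSS")</script>', lastEditedBy: 'Editor' },
  { path: '/tutorial/faq/', title: 'Q & A', lastEditedBy: 'Editor' },
];

for (const entry of SAMPLE_SITEMAP) {
  console.log(renderEntrySafe(entry));
}
console.log('Titles to review:', auditTitles(SAMPLE_SITEMAP));
```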
Good to know:

Base Score: | |
---|---|
Attack Vector (AV): | Network |
Attack Complexity (AC): | Low |
Privileges Required (PR): | Low |
User Interaction (UI): | Required |
Scope (S): | Changed |
Confidentiality (C): | Low |
Integrity (I): | Low |
Availability (A): | None |
Base Score: | |
---|---|
Access Vector (AV): | Network |
Access Complexity (AC): | Medium |
Authentication (AU): | Single |
Confidentiality (C): | None |
Integrity (I): | Partial |
Availability (A): | None |