Multiple vulnerabilities in CMS Made Simple
Posted date 15/02/2024
Importance
5 - Critical
Affected Resources
- CMS Made Simple, 2.2.14 version.
Description
INCIBE has coordinated the publication of 3 vulnerabilities of critical severity affecting CMS Made Simple, a free and open source (GPL) content management system (CMS), which have been discovered by Rafael Pedrero.
These vulnerabilities have been assigned the following codes, CVSS v3.1 base score, CVSS vector and CWE vulnerability type for each vulnerability.
- CVE-2024-1527: 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | CWE-434
- CVE-2024-1528: 7.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N | CWE-79
- CVE-2024-1529: 7.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N | CWE-79
Solution
There is no reported solution at this time.
Detail
- CVE-2024-1527: unrestricted file upload vulnerability in CMS Made Simple, affecting version 2.2.14. This vulnerability allows an authenticated user to bypass the security measures of the upload functionality and potentially create a remote execution of commands via webshell.
- CVE-2024-1528: CMS Made Simple version 2.2.14, does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /admin/moduleinterface.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload to an authenticated user and partially hijack their browser session.
- CVE-2024-1529: vulnerability in CMS Made Simple 2.2.14, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /admin/adduser.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload to an authenticated user and partially take over their browser session.
References list
Etiquetas
