Concrete CMS (previously concrete5) before 9.2 is vulnerable to Stored XSS on Tags on uploaded files.

**Stored cross site scripting on tags**

Moderate severity GitHub Reviewed Published Apr 28, 2023 to the GitHub Advisory Database • Updated May 5, 2023

GHSA-2ggc-552c-rmqr: Stored cross site scripting on tags

Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.

CVE-2023-28821: Releases · concretecms/concretecms

Concrete CMS (previously concrete5) before 9.2 is vulnerable to Stored XSS via a container name.

**Trusted by the best**

In a crowded marketspace, Concrete stands out as a solution that pairs robust functionality with ease of use and a low cost of deployment.

Ben Dickie Research Director - Enterprise Applications at Info-Tech Research Group

Listen to our Customers

**Read More Reviews**

**In-Context Editing**

*   Effortlessly edit your website like you're writing a document.
*   New content editors can be trained in minutes flat.
*   Better tools make better work. Enjoy the process.

  
Schedule Demo

Because the system is a pleasure to use for our authors, our content is fresher.

Stefan Glut Online Communications Officer, BASF Corporation

**Powerful Permissions**

*   User roles and groups provide a powerful tool for managing access control and permissions, ensuring that your website is secure and accessible to authorized users only.
*   Granular permissions that let you control every aspect of your website with ease.
*   Transform your content editing process with efficient and secure approval workflows.
*   Streamline collaboration on your website with Concrete CMS.
*   Track changes made to your website with a complete record of who made each change.
*   Review, compare, and roll back to previous versions. 

  
Schedule Demo

Amazing and really well thought out CMS. Great for editors and very good for developers to build off.

Tim Macknelly Creative Director, TM Designs

**Secure & Supported**

*   You get a fully ISO:27001 solution out of the box.
*   All our hosting is SOC 2 Security and Availability Certified and HIPAA Compliant.
*   Used by the U.S. Army. Choose to host your site with us to meet any unique compliance and security needs your organization may have. 

  
Schedule Demo

Concrete CMS powers an Army web presence that hundreds of editors use with very limited training. It also meets our complex security and compliance requirements.

Melanie Reagin U.S. Army, IMCOM

The Basketball Hall of Fame Scores Big With A Concrete CMS-Powered Website

Apr 27, 2023

Explore the Basketball Hall of Fame's website, built with Concrete CMS for a slam dunk user experience. Learn about the history and legacy of basketball while staying up-to-date with the latest events and guest appearances by basketball legends.

Ways to Contribute to FOSS Beyond Development

Apr 25, 2023

Discover how non-developers can make valuable contributions to Free and Open Source Software (FOSS) through documentation, translation, design, support, marketing, and testing. Learn how to get involved and make a difference in the FOSS community.

The Power of Concrete CMS: Goodwill of Western and Northern Connecticut and Walk Japan's Success Stories

Apr 20, 2023

Find out how Concrete CMS helped Goodwill of Western and Northern Connecticut and Walk Japan make their websites better and attract more customers. Thanks to Concrete CMS, they were able to make their sites easy to use and reliable, resulting in happier customers and more money in their pockets.

CVE-2023-28471: Home

wuzhicms v4.1.0 is vulnerable to Cross Site Scripting (XSS) in the Member Center, Account Settings.

**Have a question about this project?** Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Pick a username

Email Address

Password

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CVE-2023-30123: There is a Stored-XSS vulnerability in WUZHI CMS 4.1.0 · Issue #205 · wuzhicms/wuzhicms

EyouCms V1.6.1-UTF8-sp1 is vulnerable to Cross Site Scripting (XSS).

CVE-2023-30125: There is a xss causes XSS to steal sensitive information of logged-in users · Issue #40 · weng-xianhu/eyoucms

A vulnerability, which was classified as problematic, has been found in SourceCodester Online DJ Management System 1.0. Affected by this issue is some unknown functionality of the file classes/Master.php?f=save_event. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-227648.

CVE-2023-2372

ebankIT versions prior to 7 suffer from a cross site scripting vulnerability.

CVE-2023-30454

[Description]  
An issue was discovered in ebankIT before version 7.  
Document Object Model based XSS exists within the  
/Security/Transactions/Transactions.aspx  
endpoint. Users can supply their own JavaScript within the  
ctl100$ctl00MainContent$TransactionMainContent$accControl$hdnAccountsArray  
POST parameter that will be passed to an eval() function and executed  
upon pressing the continue button.

------------------------------------------

[Vulnerability Type]  
Cross Site Scripting (XSS)

------------------------------------------

[Vendor of Product]  
ebankIT

------------------------------------------

[Affected Product Code Base]  
ebankIT - Omnichannel Digital Banking Platform - Version 6, patched in version 7

------------------------------------------

[Affected Component]  
The endpoint existing at: /Security/Transactions/Transactions.aspx

------------------------------------------

[Attack Type]  
Remote

------------------------------------------

[Impact Code execution]  
true

------------------------------------------

[Attack Vectors]  
I discovered a Document Object Model-based Cross-Site Scripting issue  
within the ebankIT platform. While manually inspecting the client-side  
JavaScript code I came across the variable JSONText. This variable  
was using the eval function to parse data passed to it through the  
accobj variable. Knowing the eval function evaluates text as  
JavaScript, I proceeded to locate exactly what data was passed to this  
variable. I found that the data could be supplied by a user during a  
Transfer request (on /Security/Transactions/Transactions.aspx), when  
selecting which account to transfer from. To execute this XSS, I  
intercepted our test user s Transfer request, supplied my own custom  
JavaScript alert(4) in the  
ctl100$ctl00MainContent$TransactionMainContent$accControl$hdnAccountsArray  
POST parameter, and pressed the continue button which resulted in  
the payload successfully executing.

------------------------------------------

[Discoverer]  
Jake Murphy

ebankIT 6 Cross Site Scripting

CreativeItem Academy Learning Management System version 5.14 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                      [ Exploits ]                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : creativeitem.com                                                           ││  Vendor   : CreativeItem                                                               ││  Software : CreativeItem - Academy Learning Management System 5.14                     ││  Vuln Type: Reflected XSS                                                              ││  Method   : GET                                                                        ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL            CryptoJob (Twitter) twitter.com/CryptozJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2023                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘GET parameter 'sort_by' is vulnerable to RXSSPath: /academy/home/courseshttps://demo.creativeitem.com/academy/home/courses?category=photoshop&price=paid&level=beginner&language=arabic&rating=2&sort_by=newestbezzi%22%3e%3cscript%3ealert(1)%3c%2fscript%3ebrmil[-] Done

CreativeItem Academy Learning Management System 5.14 Cross Site Scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Resort Reservation System 1.0. Affected is an unknown function of the file registration.php. The manipulation of the argument fullname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-227640.

CVE-2023-2364

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.

Tag

#xss