Platform
php
Component
public-cms
Fixed in
5.202406.1
CVE-2024-11175 describes a cross-site scripting (XSS) vulnerability in Public CMS version 5.202406.d. The flaw is in the Voting Management component: input submitted to the /admin/cmsVote/save endpoint is not properly encoded, so an attacker who can reach that endpoint can inject script that later runs in the browsers of users viewing the affected vote data, compromising their sessions and the integrity of the content they see. A patch (commit b9530b9cc1f5cfdad4b637874f59029a6283a65c) is available, and upgrading to version 5.202406.1 resolves the issue.
Successful exploitation of CVE-2024-11175 lets an attacker execute arbitrary JavaScript in the context of a victim's browser session on the Public CMS site. Because the injection point is an administrative endpoint, the most valuable victims are administrators: script running in an admin's session can hijack that session, steal credentials or tokens, silently modify or deface content, and redirect users to phishing pages, leading to further compromise of the system and its users. The impact is larger when the CMS manages sensitive data or serves a large user base.
This vulnerability has been publicly disclosed, which increases the risk of exploitation. The CVSS severity is rated LOW, but XSS of this kind is easy to trigger and the potential impact on administrator sessions warrants prompt attention. No active exploitation campaigns had been publicly reported as of the publication date; however, a public proof-of-concept exists, so working exploits should be assumed to be within reach of attackers. The vulnerability was added to the NVD on 2024-11-13.
Organizations and individuals running Public CMS version 5.202406.d are at risk. This includes sites on shared hosting platforms that deploy Public CMS, as well as operators with limited security expertise who may be unaware of the vulnerability or slow to apply patches.
• php: Examine web server access logs for requests to /admin/cmsVote/save that carry script-like input. Standard access logs record only the request line, so a grep catches payloads sent in the query string but not in POST bodies; for POST traffic you need request-body logging at the reverse proxy or WAF. The pattern below is a first pass that matches raw and URL-encoded script tags, javascript: URLs, and a quote followed by an event-handler attribute:
grep -iE '/admin/cmsVote/save[^ ]*(<script|%3Cscript|javascript:|javascript%3A|(%22|%27|")%20?on[a-z]+)' /var/log/apache2/access.log
• generic web: With an authenticated admin session (the endpoint lives under /admin/), submit a harmless XSS probe such as <script>alert(1)</script> to /admin/cmsVote/save and then check whether it is rendered unencoded in the admin pages that display the vote. FIELD below stands for whichever form field the vote form submits, and the cookie is your own session cookie; only run this against systems you are authorized to test:
curl -s -b 'SESSION_COOKIE_NAME=VALUE' -X POST --data-urlencode 'FIELD=<script>alert(1)</script>' http://your-public-cms-site.com/admin/cmsVote/save
• generic web: Check response headers for X-Content-Type-Options: nosniff. This header stops browsers from MIME-sniffing responses into executable content; it does not prevent a reflected or stored XSS in the page itself, so treat its absence as a defense-in-depth gap rather than as proof of this vulnerability. A Content-Security-Policy header that disallows inline script is the more relevant mitigating control to look for.
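The access-log check above is only as good as its pattern, and attackers routinely URL-encode (or double-encode) payloads. The following Python script is an added example for this advisory, not code from Public CMS or the advisory author: it parses Apache/nginx combined-format log lines, URL-decodes the query string twice, and flags requests to /admin/cmsVote/save that contain common XSS markers. The log lines and the parameter names in them are constructed sample data; the real vulnerable field is not named on this page.

```python
"""Scan access logs for suspicious requests to the Public CMS vote-save
endpoint (CVE-2024-11175). Added example for this advisory; not Public CMS
code. SAMPLE_LOG is constructed data with placeholder parameter names."""
import re
import sys
from urllib.parse import unquote_plus

ENDPOINT = "/admin/cmsVote/save"

# Apache/nginx "combined" format; we only need client, request line, status.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Markers typical of XSS payloads. Matched after URL decoding, so both
# "<script>" and "%3Cscript%3E" are caught.
XSS_MARKERS = re.compile(
    r'<\s*script|javascript\s*:|["\'\s]on\w+\s*=|<\s*(img|svg|iframe|body)\b',
    re.IGNORECASE,
)


def is_suspicious(target: str) -> bool:
    """True if the request target hits the endpoint with an XSS-like query."""
    path, _, query = target.partition("?")
    if path != ENDPOINT:
        return False
    # Decode twice: double encoding is a common filter-evasion trick.
    decoded = unquote_plus(unquote_plus(query))
    return bool(XSS_MARKERS.search(decoded))


def scan(log_text: str) -> list:
    """Return (client, method, target, status) for each suspicious line.

    Caveat: POST bodies are not in access logs, so a bare POST to the
    endpoint (see the curl line in the sample) is not flagged here.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and is_suspicious(m["target"]):
            hits.append((m["client"], m["method"], m["target"], m["status"]))
    return hits


# Constructed sample: two GETs with encoded payloads (one double-encoded),
# one benign GET, one POST whose body is not logged, one unrelated path.
SAMPLE_LOG = """\
10.0.0.5 - - [13/Nov/2024:10:01:02 +0000] "GET /admin/cmsVote/save?id=3&description=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.5 - - [13/Nov/2024:10:01:05 +0000] "GET /admin/cmsVote/save?id=3&description=Annual+survey HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.7 - - [13/Nov/2024:10:02:11 +0000] "POST /admin/cmsVote/save HTTP/1.1" 302 0 "-" "curl/8.4.0"
10.0.0.9 - - [13/Nov/2024:10:03:40 +0000] "GET /admin/cmsVote/save?title=x%2522%2520onmouseover%253Dalert(1)%2520 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.9 - - [13/Nov/2024:10:03:41 +0000] "GET /search?q=<script>alert(1)</script> HTTP/1.1" 200 80 "-" "Mozilla/5.0"
"""

if __name__ == "__main__":
    # Usage: python scan_vote_save.py [/var/log/apache2/access.log]
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    for client, method, target, status in scan(text):
        print(f"{client} {method} {status} {target}")
```

Run it against a real log by passing the path as the first argument; on the constructed sample it reports the two encoded GET payloads from 10.0.0.5 and 10.0.0.9 and, by design, nothing for the POST whose body never reached the log.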
disclosure
patch
Exploit status
EPSS
0.10% (28th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-11175 is to upgrade Public CMS to version 5.202406.1 or later, which includes the fix (commit b9530b9cc1f5cfdad4b637874f59029a6283a65c). If an immediate upgrade is not possible, apply input validation and, more importantly, context-aware output encoding to the data accepted by /admin/cmsVote/save wherever it is rendered; validation alone does not stop XSS, since the encoding has to happen at output time. A web application firewall (WAF) tuned to block common XSS payloads adds a temporary layer of protection, but WAF signatures can be bypassed with encoding tricks, so treat it as a stopgap rather than a fix. Finally, review who can reach /admin/cmsVote/save and restrict it to the administrators who actually manage votes.
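To make the "input validation and output encoding" advice concrete, here is an added illustration written for this advisory in Python (Public CMS is not written in Python, and this is not its code): a vote record is rendered once with raw string interpolation, which is the vulnerable pattern, and once with validation plus context-aware HTML encoding. The vote data and the field names are constructed; a small parser-based checker confirms that the hardened output no longer contains an executable script tag or event-handler attribute.

```python
"""Vulnerable versus hardened rendering of vote record fields.
Added illustration for this advisory (not Public CMS code); the vote data,
field names and length limit below are constructed assumptions."""
import html
import re
from html.parser import HTMLParser

MAX_LEN = 500  # assumed limit for a vote title/description
CONTROL_CHARS = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")


def validate_vote_text(value: str, max_len: int = MAX_LEN) -> str:
    """Input validation: enforce a length limit and reject control characters.
    This narrows what is stored but is NOT a substitute for output encoding."""
    if len(value) > max_len:
        raise ValueError("text too long")
    if CONTROL_CHARS.search(value):
        raise ValueError("control characters not allowed")
    return value


def render_unsafe(vote: dict) -> str:
    """Vulnerable pattern: raw interpolation into an attribute and element body."""
    return (
        f'<div class="vote" data-title="{vote["title"]}">'
        f'<h2>{vote["title"]}</h2><p>{vote["description"]}</p></div>'
    )


def render_safe(vote: dict) -> str:
    """Hardened pattern: validate, then encode for the HTML context.
    html.escape(quote=True) is safe for element content and for values
    placed inside double-quoted attributes (it encodes < > & " ')."""
    title = html.escape(validate_vote_text(vote["title"]), quote=True)
    desc = html.escape(validate_vote_text(vote["description"]), quote=True)
    return (
        f'<div class="vote" data-title="{title}">'
        f'<h2>{title}</h2><p>{desc}</p></div>'
    )


class _VectorFinder(HTMLParser):
    """Parses markup the way a browser would and records whether a <script>
    element or an on* event-handler attribute actually exists."""

    def __init__(self) -> None:
        super().__init__()
        self.found = False

    def handle_starttag(self, tag, attrs):
        if tag == "script" or any(name.lower().startswith("on") for name, _ in attrs):
            self.found = True


def contains_live_script(markup: str) -> bool:
    """True if the markup, as parsed, still carries an executable vector."""
    finder = _VectorFinder()
    finder.feed(markup)
    finder.close()
    return finder.found


# Constructed payloads of the kind a stored-XSS tester would submit:
# an attribute-breaking title and a script tag in the description.
PAYLOAD_VOTE = {
    "title": '" onmouseover="alert(1)',
    "description": "<script>alert(document.cookie)</script>",
}

if __name__ == "__main__":
    for name, render in (("unsafe", render_unsafe), ("safe", render_safe)):
        out = render(PAYLOAD_VOTE)
        print(f"[{name}] live script: {contains_live_script(out)}\n{out}\n")
```

The checker uses an HTML parser rather than a regex on purpose: the escaped output still contains the literal text `onmouseover=`, but only inside an attribute value, where a browser treats it as data. Note that `html.escape` is correct for HTML element and attribute contexts only; data placed into a JavaScript block, a URL, or CSS needs the encoder for that context.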
Apply the vendor-provided patch b9530b9cc1f5cfdad4b637874f59029a6283a65c to fix the XSS vulnerability in the Voting Management component. This patch addresses the issue in the /admin/cmsVote/save endpoint. Upgrading to a later version that includes this fix is recommended.
CVE-2024-11175 is a cross-site scripting (XSS) vulnerability in the Voting Management component of Public CMS version 5.202406.d, reachable through the /admin/cmsVote/save endpoint, that allows attackers to inject malicious scripts.
Yes, if you are running Public CMS version 5.202406.d, you are vulnerable to this XSS attack.
Upgrade Public CMS to version 5.202406.1 or later to resolve this vulnerability. Until then, apply input validation and output encoding on the affected data, and restrict access to the /admin/cmsVote/save endpoint.
No active exploitation campaigns have been publicly reported, but the vulnerability has been disclosed and a proof-of-concept exists, which increases the risk of exploitation.
Refer to the Public CMS security advisory and the patch commit b9530b9cc1f5cfdad4b637874f59029a6283a65c for detailed information and updates regarding CVE-2024-11175.