icon

We found results for “”

CVE-2021-25977

Date: October 25, 2021

Overview

In PiranhaCMS, versions 7.0.0 to 9.1.1 are vulnerable to stored XSS due to the page title being improperly sanitized. By creating a page with a specially crafted page title, a low privileged user can trigger arbitrary JavaScript execution.

Details

PiranhaCMS is vulnerable to stored XSS by creating a page with a specially crafted page title.

PoC Details

Go to the pages tab in the management panel with a user that has permission to create new pages. Create a page insert the below given payload in its title. Press the save button, and then click on the pages tab again, it is possible to see that the XSS payload was rendered.

PoC Code

<img src=x onerror=alert(‘XSS’)>

Affected Environments

PiranhaCMS versions 7.0.0 to 9.1.1

Prevention

Update to Piranha version 9.2.0

Language: C#

Good to know:

icon

Cross-Site Scripting (XSS)

CWE-79
icon

Upgrade Version

Upgrade to version Piranha - 9.2.0

Learn More

Base Score:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privilegs Required (PR): Low
User Interaction (UI): Required
Scope (S): Changed
Confidentiality (C): Low
Integrity (I): Low
Availability (A): None
Base Score:
Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (AU): Single
Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Additional information: