Description

An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (disable_choose) passed to the "concrete5-legacy-master/web/concrete/tools/files/search_dialog.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

Remediation

References

CVE-2017-6905

Related Vulnerabilities

WordPress Plugin Answer My Question SQL Injection (1.3)

WordPress Plugin MapSVG Lite Arbitrary File Upload (4.2.4)

WordPress Plugin Booking Calendar PHP Object Injection (9.1)

WordPress Plugin Import and export users and customers Security Bypass (1.15)

WordPress Plugin User Access Manager Cross-Site Scripting (1.2.14)

Severity

Medium

Classification

CVE-2017-6905 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities