Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2021-25977

Date: October 25, 2021

Overview

In PiranhaCMS, versions 7.0.0 to 9.1.1 are vulnerable to stored XSS due to the page title being improperly sanitized. By creating a page with a specially crafted page title, a low privileged user can trigger arbitrary JavaScript execution.

Details

PiranhaCMS is vulnerable to stored XSS by creating a page with a specially crafted page title.

PoC Details

Go to the pages tab in the management panel with a user that has permission to create new pages. Create a page insert the below given payload in its title. Press the save button, and then click on the pages tab again, it is possible to see that the XSS payload was rendered.

PoC Code

<img src=x onerror=alert(‘XSS’)>

Affected Environments

PiranhaCMS versions 7.0.0 to 9.1.1

Prevention

Update to Piranha version 9.2.0

Language: C#

Good to know:

icon

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-79
icon

Upgrade Version

Upgrade to version Piranha - 9.2.0

Learn More

Base Score:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope (S): Changed
Confidentiality (C): Low
Integrity (I): Low
Availability (A): None
Base Score:
Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (AU): Single
Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Additional information:

Related Resources (5)

https://github.com/PiranhaCMS/piranha.core
https://nvd.nist.gov/vuln/detail/CVE-2021-25977
https://github.com/PiranhaCMS/piranha.core/commit/543bc53c7dbd28c793ec960b57fb0e716c6b18d7
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25977
https://www.mend.io/vulnerability-database/CVE-2021-25977