Attacker Value: Moderate (2 users assessed)
Exploitability: Low (2 users assessed)
User Interaction: Required
Privileges Required: Low
Attack Vector: Network

CVE-2021-39609

Disclosure Date: August 23, 2021

Description

Cross Site Scripting (XSS) vulnerability exists in FlatCore-CMS 2.0.7 via the upload image function.

Ratings
  • Attacker Value
    Very High
  • Exploitability
    Medium
Technical Analysis

Description:

Cross-Site Scripting (XSS SVG – Stored – PWNED PHPSESSID RCE) vulnerability exists in FlatCore-CMS 2.0.7 via the upload image function.
When the malicious user tricks the administrator of the CMS system into uploading the malicious SVG file, then
he can already execute this code from everywhere on the internet, and things will be worse than ever for the owner of this CMS system! ;)

@nu11secur1ty


Reproduce:

https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-39609

Proof:

https://streamable.com/p13hgj

Proof: PHPSESSID PWNED

https://streamable.com/9aj8o6

CVSS V3 Severity and Metrics

Base Score: 5.4 Medium
Impact Score: 2.7
Exploitability Score: 2.3
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope (S): Changed
Confidentiality (C): Low
Integrity (I): Low
Availability (A): None

General Information

Vendors

  • flatcore

Products

  • flatcore-cms 2.0.7
