{
    "dataType": "CVE_RECORD",
    "dataVersion": "5.1",
    "cveMetadata": {
        "cveId": "CVE-2024-7398",
        "assignerOrgId": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
        "state": "PUBLISHED",
        "assignerShortName": "ConcreteCMS",
        "dateReserved": "2024-08-01T22:11:50.367Z",
        "datePublished": "2024-09-24T21:30:37.336Z",
        "dateUpdated": "2024-09-25T17:05:05.899Z"
    },
    "containers": {
        "cna": {
            "affected": [
                {
                    "defaultStatus": "unaffected",
                    "product": "Concrete CMS",
                    "repo": "https://github.com/concretecms/concretecms",
                    "vendor": "Concrete CMS",
                    "versions": [
                        {
                            "lessThan": "9.3.4",
                            "status": "affected",
                            "version": "9.0.0",
                            "versionType": "git"
                        },
                        {
                            "lessThan": "8.5.19",
                            "status": "affected",
                            "version": "5.0.0",
                            "versionType": "git"
                        }
                    ]
                }
            ],
            "credits": [
                {
                    "lang": "en",
                    "type": "reporter",
                    "value": "Yusuke Uchida"
                }
            ],
            "datePublic": "2024-09-03T18:45:00.000Z",
            "descriptions": [
                {
                    "lang": "en",
                    "supportingMedia": [
                        {
                            "base64": false,
                            "type": "text/html",
                            "value": "<span style=\"background-color: transparent;\"><span style=\"background-color: transparent;\"><span style=\"background-color: transparent;\"><span style=\"background-color: transparent;\">Concrete CMS versions 9 through 9.3.3 and versions below 8.5.19 are vulnerable to stored XSS in the calendar event addition feature because the calendar event name was not sanitized on output. Users or groups with permission to create event calendars can embed scripts, and users or groups with permission to modify event calendars can execute scripts.&nbsp;</span>The Concrete CMS Security Team gave this vulnerability a CVSS v4 score of 1.8 with vector </span></span><span style=\"background-color: transparent;\"><span style=\"background-color: transparent;\"><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N\">CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N</a></span></span><span style=\"background-color: transparent;\"><span style=\"background-color: transparent;\">.&nbsp;</span></span><span style=\"background-color: transparent;\"><span style=\"background-color: transparent;\">Thank you, Yusuke Uchida for reporting.</span></span></span><br>"
                        }
                    ],
                    "value": "Concrete CMS versions 9 through 9.3.3 and versions below 8.5.19 are vulnerable to stored XSS in the calendar event addition feature because the calendar event name was not sanitized on output. Users or groups with permission to create event calendars can embed scripts, and users or groups with permission to modify event calendars can execute scripts. The Concrete CMS Security Team gave this vulnerability a CVSS v4 score of 1.8 with vector  CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N . Thank you, Yusuke Uchida for reporting."
                }
            ],
            "impacts": [
                {
                    "capecId": "CAPEC-592",
                    "descriptions": [
                        {
                            "lang": "en",
                            "value": "CAPEC-592 Stored XSS"
                        }
                    ]
                }
            ],
            "metrics": [
                {
                    "cvssV4_0": {
                        "Automatable": "NOT_DEFINED",
                        "Recovery": "NOT_DEFINED",
                        "Safety": "NOT_DEFINED",
                        "attackComplexity": "HIGH",
                        "attackRequirements": "NONE",
                        "attackVector": "NETWORK",
                        "baseScore": 1.8,
                        "baseSeverity": "LOW",
                        "privilegesRequired": "HIGH",
                        "providerUrgency": "NOT_DEFINED",
                        "subAvailabilityImpact": "NONE",
                        "subConfidentialityImpact": "LOW",
                        "subIntegrityImpact": "NONE",
                        "userInteraction": "ACTIVE",
                        "valueDensity": "NOT_DEFINED",
                        "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N",
                        "version": "4.0",
                        "vulnAvailabilityImpact": "NONE",
                        "vulnConfidentialityImpact": "NONE",
                        "vulnIntegrityImpact": "NONE",
                        "vulnerabilityResponseEffort": "NOT_DEFINED"
                    },
                    "format": "CVSS",
                    "scenarios": [
                        {
                            "lang": "en",
                            "value": "GENERAL"
                        }
                    ]
                }
            ],
            "problemTypes": [
                {
                    "descriptions": [
                        {
                            "cweId": "CWE-79",
                            "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
                            "lang": "en",
                            "type": "CWE"
                        }
                    ]
                }
            ],
            "providerMetadata": {
                "orgId": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
                "shortName": "ConcreteCMS",
                "dateUpdated": "2024-09-24T21:30:37.336Z"
            },
            "references": [
                {
                    "url": "https://github.com/concretecms/concretecms/commit/7c8ed0d1d9db0d7f6df7fa066e0858ea618451a5"
                },
                {
                    "url": "https://github.com/concretecms/concretecms/pull/12183"
                },
                {
                    "url": "https://github.com/concretecms/concretecms/pull/12184"
                },
                {
                    "url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/934-release-notes"
                },
                {
                    "url": "https://documentation.concretecms.org/developers/introduction/version-history/8519-release-notes"
                }
            ],
            "source": {
                "advisory": "2400810",
                "defect": [
                    "HackerOne"
                ],
                "discovery": "UNKNOWN"
            },
            "title": "Concrete CMS Stored XSS Vulnerability in Calendar Event Addition Feature",
            "x_generator": {
                "engine": "Vulnogram 0.2.0"
            }
        },
        "adp": [
            {
                "metrics": [
                    {
                        "other": {
                            "type": "ssvc",
                            "content": {
                                "timestamp": "2024-09-25T17:04:57.193458Z",
                                "id": "CVE-2024-7398",
                                "options": [
                                    {
                                        "Exploitation": "none"
                                    },
                                    {
                                        "Automatable": "no"
                                    },
                                    {
                                        "Technical Impact": "partial"
                                    }
                                ],
                                "role": "CISA Coordinator",
                                "version": "2.0.3"
                            }
                        }
                    }
                ],
                "title": "CISA ADP Vulnrichment",
                "providerMetadata": {
                    "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                    "shortName": "CISA-ADP",
                    "dateUpdated": "2024-09-25T17:05:05.899Z"
                }
            }
        ]
    }
}