Alexey Solovyev

Name of the Vulnerable Software and Affected Versions: Concrete CMS versions 9.0.0 through 9.3.3 Concrete CMS versions below 8.5.19 Description: The issue concerns Stored XSS in the Image Editor Background Color, where a rogue admin could add malicious code to the `Thumbnails/Add-Type`. This could potentially lead to security breaches. Recommendations: For Concrete CMS versions 9.0.0 through 9.3.3, update to a version above 9.3.3 to resolve the issue. For Concrete CMS versions below 8.5.19, update to version 8.5.19 or higher to resolve the issue. As a temporary workaround, consider restricting access to the `Thumbnails/Add-Type` to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Concrete CMS versions 9.0.0 through 9.2.7 Concrete CMS versions 8.0.0 through 8.5.15 **Description** The issue concerns Stored XSS in the Custom Class page editing, where a rogue administrator could insert malicious code in the custom class field due to insufficient validation of administrator-provided data. **Recommendations** For Concrete CMS versions 9.0.0 through 9.2.7, update to version 9.2.8 or later. For Concrete CMS versions 8.0.0 through 8.5.15, update to version 8.5.16 or later. As a temporary workaround, consider restricting access to the Custom Class page editing feature until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Concrete CMS versions 9.0.0 through 9.2.7 Concrete CMS versions 8.5.15 and earlier **Description** The issue is related to Stored XSS in blocks of type file, which could be caused by a rogue administrator adding malicious code to the `link-text` field when creating a block of type file. **Recommendations** For Concrete CMS version 9, update to version 9.2.8 or later. For Concrete CMS versions prior to 8.5.16, update to version 8.5.16 or later. As a temporary workaround, consider restricting access to the block creation feature to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Concrete CMS versions 9 prior to 9.2.8 Concrete CMS versions prior to 8.5.16 **Description** The issue concerns Stored XSS in the Search Field. It could be executed by an administrator changing a filter to which a rogue administrator had previously added malicious code. **Recommendations** For Concrete CMS version 9, update to version 9.2.8 or later. For Concrete CMS versions prior to 8.5.16, update to version 8.5.16 or later.

**Name of the Vulnerable Software and Affected Versions** Revive Adserver versions prior to 5.2.0 **Description** The issue allows an attacker to execute injected JavaScript code by tricking a user into clicking on a specifically crafted URL. This is due to a reflected XSS vulnerability in the `status` parameter of the "campaign-zone-zones.php" endpoint. **Recommendations** For versions prior to 5.2.0, update to version 5.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the "campaign-zone-zones.php" endpoint to minimize the risk of exploitation. Avoid using the `status` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Revive Adserver versions prior to 5.2.0 **Description** The issue is related to a reflected XSS vulnerability due to single quotes not being escaped in the `statsBreakdown` parameter of stats.php, and possibly other scripts. An attacker could trick a user into clicking on a specifically crafted URL and pressing a certain key combination to execute injected JavaScript code. **Recommendations** For versions prior to 5.2.0, update to version 5.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the stats.php script and avoiding the use of the `statsBreakdown` parameter until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Revive Adserver versions prior to 5.1.1 **Description** The issue is related to a reflected XSS vulnerability. It affects the userlog-index.php file via the `period preset` parameter. **Recommendations** For versions prior to 5.1.1, update to version 5.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the userlog-index.php file or avoiding the use of the `period preset` parameter until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Revive Adserver versions prior to 5.1.1 **Description** The issue is related to a reflected XSS vulnerability. It affects the stats.php file via the `setPerPage` parameter. **Recommendations** For versions prior to 5.1.1, update to version 5.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the stats.php file or avoiding the use of the `setPerPage` parameter until the update is applied.