XSS in CMSimple 5.15 (Settings -> Language)

Software link: CMSimple 5.15 [https://www.cmsimple.org/en/?Downloads___CMSimple]

@author: Antonio Díaz.

Description: Cross-site scripting (XSS) vulnerability in the Language section of the Settings menu of CMSimple 5.15 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into multiple parameters.

CVE: CVE-2024-32344, CVE-2024-32345, CVE-2024-33423 y CVE-2024-33424.

PoC

Edit parameter (Action) (CVE-2024-32344)

1. Enter to Language section of the Settings menu:

2. Set the payload in 'Edit' parameter of the Action section:

3. Click on the Save button:

4. Result:

Configuration parameter (Adminmenu) (CVE-2024-32345)

1. Enter to Language section of the Settings menu:

2. Set the payload in 'Configuration' parameter of the Adminmenu section:

3. Click on the Save button:

4. Result:

Downloads parameter (Adminmenu) (CVE-2024-33424)

1. Enter to Language section of the Settings menu:

2. Set the payload in 'Downloads' parameter of the Adminmenu section:

3. Click on the Save button:

4. Result:

Logout parameter (Adminmenu) (CVE-2024-33423)

1. Enter to Language section of the Settings menu:

2. Set the payload in 'Logout' parameter of the Adminmenu section:

3. Click on the Save button:

4. Result:

Note:

More parameters in the Settings section are vulnerable to XSS attacks.