Mezzanine CMS Stored Cross-Site Scripting Vulnerability in Admin Interface
Vulnerability
A stored cross-site scripting vulnerability has been identified in Mezzanine CMS versions prior to 6.1.1. This issue resides in the admin interface, specifically within the 'displayable_links_js' function. The vulnerability arises because blog post titles are not properly sanitized before being included in JSON responses served via '/admin/displayable_links.js'. An authenticated admin user can exploit this by creating a blog post with a malicious JavaScript payload in the title. They can then lure another admin user into clicking a direct link to the '/admin/displayable_links.js' endpoint, which triggers the execution of the malicious script in the victim's browser.
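The output-handling flaw described above, shown next to a hardened form. This is an added example, not Mezzanine's code or the actual 6.1.1 fix; the function names, the sample links and the text/html content type of the unsafe response are assumptions made for illustration.

```python
import json

# Constructed sample data: one ordinary title and one containing HTML markup.
SAMPLE_LINKS = [
    {"title": "Release notes", "value": "/blog/release-notes/"},
    {"title": "<script>alert(1)</script>", "value": "/blog/post-2/"},
]

# Characters an HTML parser treats as markup, mapped to JSON unicode escapes.
_HTML_UNSAFE = {ord("<"): "\\u003C", ord(">"): "\\u003E", ord("&"): "\\u0026"}


def render_links_unsafe(links):
    """Pattern described in the advisory: titles reach the body unescaped."""
    body = json.dumps(links)  # json.dumps leaves <, > and & untouched
    # Assumed header: a body labelled as HTML is parsed as markup when the
    # endpoint is opened directly in a browser.
    headers = {"Content-Type": "text/html; charset=utf-8"}
    return headers, body


def render_links_hardened(links):
    """Escape markup characters and declare a non-HTML content type."""
    # Translating after dumps is safe: <, > and & can only occur inside
    # JSON string literals, where \uXXXX decodes back to the same character.
    body = json.dumps(links).translate(_HTML_UNSAFE)
    headers = {
        "Content-Type": "application/json; charset=utf-8",
        "X-Content-Type-Options": "nosniff",  # forbid MIME sniffing
    }
    return headers, body


def contains_markup(body):
    """True if the body still carries characters an HTML parser acts on."""
    return any(ch in body for ch in "<>&")


if __name__ == "__main__":
    for render in (render_links_unsafe, render_links_hardened):
        headers, body = render(SAMPLE_LINKS)
        print(render.__name__, headers["Content-Type"], contains_markup(body))
```

The hardened body decodes to the same data with any JSON parser, so consumers of the endpoint see unchanged titles while a browser opening the URL directly finds no markup to execute.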
Impact
Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the affected page.
Remediation
Users can update to Mezzanine CMS version 6.1.1 or later, where this vulnerability has been fixed.
