GetSimpleCMS Community Edition Stored Cross-Site Scripting Vulnerability

Vulnerability

A stored cross-site scripting vulnerability has been identified in GetSimpleCMS Community Edition (CE) version 3.3.16. The issue arises in the Theme to Components functionality within components.php, where user input in the 'slug' field is stored and later rendered without adequate output encoding. While other fields undergo sanitization, the slug is written directly to XML and later displayed in the administrative interface unsanitized. This flaw allows for the persistent execution of arbitrary JavaScript. An authenticated administrator can inject malicious scripts that execute whenever the Components page is accessed by any authenticated user. This vulnerability could lead to session hijacking, unauthorized administrative actions, and a lasting compromise of the CMS administrative interface.
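As an added illustration (not GetSimpleCMS code; the record layout, function names and the sample slug are assumptions), the unencoded rendering pattern the advisory describes, beside the hardened form that encodes at output and validates the slug on save:

```php
<?php
declare(strict_types=1);

// Constructed sample: a component record as it might be read back from
// XML. The slug carries markup because it was saved unchanged.
$component = [
    'title' => 'Sidebar',
    'slug'  => 'sidebar"><b>stored</b>',
    'value' => '<p>Hello</p>',
];

// Vulnerable pattern: the stored slug is placed into an attribute and
// into the page body with no output encoding, so any markup it carries
// is interpreted by the browser of whoever views the Components page.
function renderRowVulnerable(array $c): string
{
    return '<tr><td><input name="slug" value="' . $c['slug'] . '"></td>'
         . '<td>' . $c['slug'] . '</td></tr>';
}

// Hardened pattern: encode at the point of output, with quotes encoded
// (needed inside attributes) and an explicit charset.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function renderRowSafe(array $c): string
{
    return '<tr><td><input name="slug" value="' . h($c['slug']) . '"></td>'
         . '<td>' . h($c['slug']) . '</td></tr>';
}

// Defence in depth: a slug is an identifier, so reject anything outside
// a conservative character set before it is ever written to XML.
function isValidSlug(string $slug): bool
{
    return preg_match('/^[a-z0-9][a-z0-9_-]{0,63}$/', $slug) === 1;
}

echo renderRowVulnerable($component), PHP_EOL; // markup reaches the browser
echo renderRowSafe($component), PHP_EOL;       // markup is shown as text
echo isValidSlug($component['slug']) ? 'slug accepted' : 'slug rejected', PHP_EOL;
```

Output encoding is the fix for the rendering defect; the slug validation only narrows what can be stored and is not a substitute for it.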

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the Components page. This could result in session hijacking, unauthorized administrative actions, and a persistent compromise of the CMS administrative interface.

Remediation

Users can upgrade to GetSimpleCMS Community Edition version 3.3.22, which addresses this vulnerability.

Added: Feb 24, 2026, 11:20 PM
Updated: Feb 24, 2026, 11:20 PM

Vulnerability Rating

Custom Algorithm
spread: 5.2
impact: 5.4
exploitability: 4.7
remediation: 7.7
relevance: 3.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.