NukeViet CMS Stored Cross-Site Scripting Vulnerability

Vulnerability

A stored cross-site scripting vulnerability has been identified in NukeViet CMS versions 4.5.07 and prior. This issue arises from inadequate server-side input sanitization in the Request class, allowing attackers to inject malicious payloads that are stored and executed in the browsers of users who view the content. The vulnerability can be exploited by any anonymous visitor without authentication, impacting administrators and moderators who review user-submitted content. Potential consequences include session hijacking through cookie theft, unauthorized actions performed under the victim's identity, and phishing attacks via manipulated email notifications.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the content. This could lead to session hijacking, unauthorized actions under the victim's identity, and phishing attacks through altered email notifications.

Remediation

Users are advised to upgrade to NukeViet CMS version 4.5.08 or later. For those unable to upgrade immediately, it is recommended to implement server-side HTML sanitization in the Request class to remove or encode harmful tags and attributes, apply a Content Security Policy to limit inline script execution, and set cookies with the HttpOnly flag to protect against cookie theft.
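The three interim mitigations above, shown as an added defensive illustration in Python that is not NukeViet's own code and assumes nothing about its Request class: an allow-list sanitizer for user-submitted HTML (constructed tag and attribute lists) plus the CSP and HttpOnly cookie headers (constructed policy values and cookie name `sid`).

```python
"""Allow-list HTML sanitizer plus response hardening (constructed illustration)."""
from html import escape
from html.parser import HTMLParser

# Markup user-submitted content may keep; everything else is dropped or encoded.
ALLOWED_TAGS = {"b", "i", "em", "strong", "p", "br", "a"}
ALLOWED_ATTRS = {"a": {"href", "title"}}
SAFE_URL_SCHEMES = ("http://", "https://", "mailto:")  # only absolute links kept
DROP_WITH_CONTENT = {"script", "style"}  # tag and its body are discarded


class AllowListSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.skipping = 0  # >0 while inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skipping += 1
        if tag not in ALLOWED_TAGS:
            return  # tag dropped; any text inside it is still encoded by handle_data
        kept = []
        for name, value in attrs:  # parser lowercases names and unescapes values
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue  # removes on* event handlers, style, srcdoc, ...
            if name == "href" and not (value or "").lower().startswith(SAFE_URL_SCHEMES):
                continue  # removes javascript:, data:, vbscript: and scheme-relative URLs
            kept.append(f' {name}="{escape(value or "", quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT and self.skipping:
            self.skipping -= 1
        elif tag in ALLOWED_TAGS and tag != "br":
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skipping:
            self.out.append(escape(data, quote=True))  # encodes <, >, &, quotes


def sanitize_html(untrusted: str) -> str:
    """Return `untrusted` with only allow-listed markup; everything else encoded."""
    parser = AllowListSanitizer()
    parser.feed(untrusted)
    parser.close()
    return "".join(parser.out)


def hardening_headers(session_id: str) -> dict:
    """Response headers that limit what a residual injection could still do."""
    return {
        "Content-Security-Policy": "default-src 'self'; script-src 'self'; object-src 'none'",
        "Set-Cookie": f"sid={session_id}; Path=/; Secure; HttpOnly; SameSite=Lax",
    }
```

Run `sanitize_html()` on every stored field before it is written, not only before display, so moderators and administrators reviewing submissions in the back end are covered as well.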

Added: May 26, 2026, 2:23 PM
Updated: May 26, 2026, 2:23 PM

Vulnerability Rating

Custom Algorithm
spread:         5.2
impact:         1.7
exploitability: 7.2
remediation:    7.7
relevance:      9.1
threat:         3.2
urgency:        2.9
incentive:      0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.