VYPR
Unrated severity · OSV Advisory · Published Apr 25, 2019 · Updated Aug 5, 2024

CVE-2018-18824

Description

WolfCMS v0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/file_manager/browse/.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

WolfCMS v0.8.3.1 is vulnerable to stored XSS via uploading a malicious SVG file through the file manager.

Vulnerability

WolfCMS v0.8.3.1 suffers from a stored cross-site scripting (XSS) vulnerability in the file manager component. An attacker can upload an SVG file containing malicious JavaScript code via the /?/admin/plugin/file_manager/browse/ endpoint. The SVG file is stored on the server and executed when the file is viewed or accessed, leading to XSS. Affected version: WolfCMS v0.8.3.1 [1].

Exploitation

An attacker requires authenticated access to the admin panel with permissions to use the file manager. The attacker uploads an SVG file containing embedded JavaScript code (e.g., via `<script>` elements or event handler attributes). When an administrator or other user browses the uploaded file, the malicious script executes in their browser context [1].

Impact

Successful exploitation allows an attacker to execute arbitrary JavaScript in the context of the victim's browser. This can lead to session hijacking, defacement, or theft of sensitive information such as admin credentials or cookies. The impact is limited to the browser session of users who view the uploaded SVG file [1].

Mitigation

No official patch has been released for this vulnerability as of the publication date. Users should restrict file upload permissions to trusted administrators only and consider disabling SVG file uploads in the file manager configuration. Monitor vendor updates for a future fix [1].
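As an added defensive example (not part of this advisory and not WolfCMS code), the following Python check rejects uploaded SVGs that carry active content of the kind described above (script elements, event handler attributes, script URLs in `href`), and builds the response headers that make a browser download rather than render an already-stored upload. Function names and the two sample documents are hypothetical constructions for this example.

```python
import re
import xml.etree.ElementTree as ET

# Elements that run script or embed arbitrary markup; <set>/<animate> can rewrite attributes at runtime.
ACTIVE_ELEMENTS = {"script", "foreignObject", "iframe", "embed", "object", "set", "animate"}
SCRIPT_URL_RE = re.compile(r"^\s*(javascript|vbscript|data)\s*:", re.IGNORECASE)

def _local(name: str) -> str:
    return name.rsplit("}", 1)[-1]  # strip ElementTree's '{namespace}' prefix

def svg_findings(data: bytes) -> list[str]:
    """Reasons an uploaded SVG should be rejected; an empty list means no active content found."""
    # xml.etree is used for portability; for untrusted input in production prefer defusedxml (blocks entity expansion too).
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    findings = []
    if _local(root.tag) != "svg":
        findings.append(f"root element is <{_local(root.tag)}>, not <svg>")
    for el in root.iter():  # the root and every descendant element
        tag = _local(el.tag)
        if tag in ACTIVE_ELEMENTS:
            findings.append(f"active element <{tag}>")
        for attr, value in el.attrib.items():
            aname = _local(attr)
            if aname.lower().startswith("on"):  # onload, onclick, onmouseover, ...
                findings.append(f"event handler {aname} on <{tag}>")
            elif aname == "href" and SCRIPT_URL_RE.match(value):  # plain href or xlink:href
                findings.append(f"script URL in {aname} on <{tag}>")
    return findings

def is_safe_svg(data: bytes) -> bool:
    return not svg_findings(data)

def svg_download_headers() -> dict[str, str]:
    """Headers for serving stored uploads so browsers download them instead of rendering inline."""
    return {
        "Content-Type": "image/svg+xml",
        "Content-Disposition": "attachment",
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy": "default-src 'none'; style-src 'unsafe-inline'",
    }

# Constructed samples (not taken from the advisory) to exercise the checks.
MALICIOUS_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" onload="alert(1)">
  <script>alert(1)</script>
  <a xlink:href="javascript:alert(1)"><text>x</text></a>
</svg>"""
BENIGN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10"><circle cx="5" cy="5" r="4"/></svg>'
```

Run the check at upload time and apply the headers on the browse/download path; together they cover both the stored file and users who later view it.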

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products (2)

  • Wolfcms/WolfCMS (OSV, 2 version ranges)
    • (no CPE) range: 0.7.0, 0.7.1, 0.7.2, …
    • (no CPE) range: = 0.8.3.1

Patches (0)

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References (3)

News mentions (0)

No linked articles in our index yet.