VYPR
Moderate severity · NVD Advisory · Published Mar 4, 2022 · Updated Aug 4, 2024

CVE-2020-18325

Description

Multiple Cross Site Scripting (XSS) vulnerabilities exist in Intelliants Subrion CMS v4.2.1 in the Configuration panel.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Multiple reflected XSS vulnerabilities exist in Subrion CMS 4.2.1's Configuration panel, allowing remote attackers to inject arbitrary JavaScript.

Vulnerability

Multiple reflected Cross-Site Scripting (XSS) vulnerabilities exist in Intelliants Subrion CMS v4.2.1 within the Configuration panel. Affected endpoints include /panel/configuration/pictures/, /panel/configuration/mail/, /panel/configuration/miscellaneous/, and /panel/menus/add/. The root cause is the handling of user-supplied configuration parameters, which are reflected back into the response without proper sanitization or output encoding [1], [2].

Exploitation

An attacker can exploit this vulnerability by sending a crafted POST request to any of the affected configuration endpoints. The attacker must be authenticated with valid administrator credentials to access the panel. The request carries malicious JavaScript in parameters such as c[image_quality] or v[image_quality]; when the form is submitted, the payload is reflected in the response and executed in the victim's browser. No user interaction beyond the admin performing their normal configuration tasks is required [2].

Impact

Successful exploitation allows the attacker to execute arbitrary JavaScript within the context of the authenticated administrator's session. This can lead to theft of session cookies, defacement of the admin interface, or redirection to malicious sites. The impact is limited to the administrative panel, but an attacker could leverage this to perform other actions as the admin user [2].

Mitigation

As of the available references, no official patch has been released for Subrion CMS 4.2.1 to address these XSS vulnerabilities. Administrators should ensure they are using the latest version of Subrion CMS and monitor the vendor's repository [3] for updates. Until a fix is available, restrict access to the admin panel to trusted users and consider using a web application firewall to filter malicious inputs [2].
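The Vulnerability and Mitigation sections above describe the defect class (a configuration value echoed back without encoding) and the fix class (encode on output). The following is an added illustration in Python, not Subrion's own PHP code and not taken from the advisory's references: it parses a constructed form-encoded POST body using the c[...] parameter naming from this advisory, renders the value once the vulnerable way and once with contextual HTML encoding, and includes a small check that a test suite can use to flag raw reflection. The sample body, the template and the function names are all assumptions made for this example.

```python
"""Reflected XSS in a configuration form: raw reflection vs. output encoding.

Hypothetical illustration in Python. Subrion CMS is a PHP application and
this is not its code; only the parameter name c[image_quality] comes from
the advisory. The request body and the HTML template are constructed here.
"""
import html
from urllib.parse import parse_qs

# Constructed sample POST body, percent-encoded as a browser would send it.
# c[image_quality] carries attribute-breaking characters: "><b>x</b>
SAMPLE_BODY = (
    "c%5Bimage_quality%5D=%22%3E%3Cb%3Ex%3C%2Fb%3E"
    "&c%5Bmail_from%5D=admin%40example.com"
)


def parse_config_post(body: str) -> dict:
    """Parse a form-encoded body such as 'c[image_quality]=80&c[mail_from]=...'
    into a flat {name: value} dict (last value wins), mirroring how a CMS
    picks up the settings submitted from its configuration panel."""
    return {k: v[-1] for k, v in parse_qs(body, keep_blank_values=True).items()}


def render_vulnerable(settings: dict) -> str:
    """Reflects the submitted value straight into an HTML attribute.
    This is the defect class the advisory describes: whatever was posted as
    c[image_quality] is echoed back with its markup characters intact."""
    q = settings.get("c[image_quality]", "")
    return f'<input name="c[image_quality]" value="{q}">'


def render_hardened(settings: dict) -> str:
    """Contextual output encoding for an HTML attribute context.
    html.escape(..., quote=True) turns <, >, &, \" and ' into entities, so the
    value can only ever be data inside the attribute, never new markup."""
    q = html.escape(settings.get("c[image_quality]", ""), quote=True)
    return f'<input name="c[image_quality]" value="{q}">'


def reflects_raw_markup(rendered: str, submitted: str) -> bool:
    """Regression check usable in a test suite: True if the submitted string
    contained markup characters and appears unchanged in the response."""
    return any(ch in submitted for ch in '<>"') and submitted in rendered


if __name__ == "__main__":
    settings = parse_config_post(SAMPLE_BODY)
    print("vulnerable:", render_vulnerable(settings))
    print("hardened:  ", render_hardened(settings))
```

The encoding function must match the output context: html.escape is right for text and quoted attribute values, while a value placed inside a script block or a URL needs a different encoder. Filtering on input (for instance in a WAF, as the Mitigation section suggests) is a stopgap; the durable fix is encoding at the point where the value is written into the page.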

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package                         Affected versions   Patched versions
intelliants/subrion (Packagist) <= 4.2.1            (none listed)

Affected products: 1

Patches: 0 (no patches discovered yet)

Vulnerability mechanics: AI mechanics synthesis has not run for this CVE yet.

References: 4

News mentions: 0 (no linked articles in our index yet)