CVE-2020-23654
Description
NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) via the module "Shop."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NavigateCMS 2.9 contains a stored XSS vulnerability in the Shop module allowing authenticated attackers to inject arbitrary JavaScript.
Vulnerability
NavigateCMS 2.9 suffers from a stored cross-site scripting (XSS) vulnerability in the "Shop" module. The application fails to properly sanitize user input when creating products, coupons, brands, shipping methods, or payment methods, allowing injection of arbitrary HTML and JavaScript. The vulnerability is present in all pages under navigate/navigate.php?fid=products, coupons, brands, shipping_methods, and payment_methods. [1]
Exploitation
An authenticated attacker with access to the admin panel can exploit this by navigating to any of the affected Shop submodules and creating a new entry. The attacker inserts a payload such as '><details/open/ontoggle=confirm(1337)> into a text field. Upon saving, the payload is stored and executed when any user (including other administrators) views the affected page, triggering the XSS. [1]
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the victim's browser. This can lead to session hijacking, cookie theft, redirection to malicious sites, or other actions performed under the guise of the vulnerable site. The attack is stored, so it persists until the malicious entry is removed. [1]
Mitigation
As of the publication date (2020-08-26), no official patch has been released for NavigateCMS 2.9. The vendor was notified via the GitHub issue [1]. Users should apply input validation and output encoding to all user-supplied data in the Shop module. If no update is available, consider disabling the Shop module or restricting access to trusted administrators only. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- NavigateCMS/NavigateCMSdescription
- Range: = 2.9
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"Insufficient output encoding in the Shop module allows stored XSS via injected HTML/JavaScript payloads."
Attack vector
An authenticated attacker with access to the NavigateCMS panel can exploit a Stored XSS vulnerability in the Shop module [ref_id=1]. The attacker logs in, navigates to any of the Shop sub-pages (products, coupons, brands, shipping_methods, or payment_methods), and creates a new entry containing the payload `'>
Affected code
The vulnerability exists in the "Shop" module of NavigateCMS 2.9. The affected endpoints include navigate.php with parameters fid=products, fid=coupons, fid=brands, fid=shipping_methods, and fid=payment_methods [ref_id=1]. The advisory does not specify exact file paths or function names.
What the fix does
No patch is provided in the advisory [ref_id=1]. The reporter recommends that the application HTML-entity-encode any output reflected back to the page rather than merely stripping script tags, as that approach is insufficient to prevent XSS [ref_id=1]. Without a published fix, administrators should apply input sanitization and output encoding to all Shop module fields.
Preconditions
- authAttacker must have a valid authenticated session in the NavigateCMS panel
- configAttacker must have access to the Shop module's create/edit functionality
- inputPayload is submitted via form fields in the Shop module (products, coupons, brands, shipping_methods, or payment_methods)
Reproduction
1. Log into the NavigateCMS panel. 2. Navigate to `navigate/navigate.php?fid=dashboard`. 3. Go to the "Shop" module. 4. Choose any of: `navigate/navigate.php?fid=products`, `navigate/navigate.php?fid=coupons`, `navigate/navigate.php?fid=brands`, `navigate/navigate.php?fid=shipping_methods`, or `navigate/navigate.php?fid=payment_methods`. 5. Click "Create" and insert the payload `'>
Generated on May 25, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1- github.com/NavigateCMS/Navigate-CMS/issues/10mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.