Resolved Bug

This bug has been marked as resolved.

WARNING v5.4.1.1 XSS/Remote Code Execution Exploit!

There is a security hole!

Please close it!

more here

Status: Resolved
Mnkras replied:
Nice catch,

it's because the ccm-token is not passed when creating a scrapbook, I believe
Mnkras replied (Best Answer):
In the meantime, to make it slightly harder,

put this in your /config/site.php

define('SESSION', 'CONCRETE5');

and change CONCRETE5 to whatever you want.
Note: everyone's session will be lost, so they will have to sign in again.
neoasix replied:
OK, thanks. Hope it will be harder in the next update :>
Mnkras replied:
The entire exploit counts on the user being able to hijack an admin's cookies, as long as you don't log in on insecure networks
andrew replied:
Fixed in GitHub by incorporating the validation token into scrapbook functionality. Thanks mnkras.
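For readers who want to see what "incorporating the validation token" means in practice, here is an added example (not concrete5's own code, and not the project's real token helper): a state-changing action such as creating a scrapbook, shown unchecked and then gated on a per-session token. Function names and the `ccm_token` field name are hypothetical.

```php
<?php
// Added example, not concrete5's own code. Shows the kind of check the fix in
// this thread adds: the scrapbook-creating action refuses to run unless the
// request carries the session's validation token. Names are hypothetical.

session_start();

// Issue one unguessable token per session and reuse it for the session's lifetime.
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// A missing or empty token fails closed; hash_equals() is a constant-time compare.
function csrf_token_valid(?string $submitted): bool {
    if ($submitted === null || $submitted === '' || empty($_SESSION['csrf_token'])) {
        return false;
    }
    return hash_equals($_SESSION['csrf_token'], $submitted);
}

// Before the fix: any POST, including one forged from another page the admin
// has open, creates the scrapbook. Returns the new scrapbook name or null.
function add_scrapbook_unchecked(array &$scrapbooks, array $post): ?string {
    $name = trim((string)($post['scrapbookName'] ?? ''));
    if ($name === '') { return null; }
    $scrapbooks[] = $name;
    return $name;
}

// After the fix: the same action, gated on the token before anything is written.
function add_scrapbook_checked(array &$scrapbooks, array $post): ?string {
    if (!csrf_token_valid($post['ccm_token'] ?? null)) {
        http_response_code(403);   // reject; the scrapbook is not created
        return null;
    }
    return add_scrapbook_unchecked($scrapbooks, $post);
}

// Demo with constructed requests: one without the token is refused, one with it succeeds.
$scrapbooks = [];
assert(add_scrapbook_checked($scrapbooks, ['scrapbookName' => 'Sidebar']) === null);
assert(add_scrapbook_checked($scrapbooks, ['scrapbookName' => 'Sidebar', 'ccm_token' => csrf_token()]) === 'Sidebar');
assert($scrapbooks === ['Sidebar']);
```

The legitimate form must embed `csrf_token()` as a hidden field so real requests still pass; renaming the session cookie, as suggested above, only raises the effort and is no substitute for this check.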

concrete5 Environment Information

Webserver: Apache

Browser User-Agent String: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b9) Gecko/20100101 Firefox/4.0b9