CVE-2024-45960

4.8 MEDIUM

📋 TL;DR

Zenario CMS version 9.7.61188 allows authenticated admin users to upload PDF files containing malicious JavaScript code. When such a PDF is later served by the website and opened by another user, the embedded script can run, giving a stored cross-site scripting attack against other users. This affects organizations running vulnerable Zenario installations that have admin accounts.

💻 Affected Systems

Products:
  • Zenario CMS
Versions: 9.7.61188
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated admin access to exploit. The vulnerability is in PDF file handling functionality.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers with admin credentials could upload malicious PDFs that execute arbitrary JavaScript in victims' browsers, potentially stealing session cookies, performing actions as authenticated users, or redirecting to phishing sites.

🟠 Likely Case

Malicious admins or compromised admin accounts could upload PDFs that execute limited JavaScript payloads when accessed by other users, potentially stealing session data or performing unauthorized actions.

🟢 If Mitigated

With proper access controls and input validation, the impact is limited to authenticated admin users, who already have significant system access.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin credentials. A public Medium article demonstrates the vulnerability with technical details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

Check the Zenario vendor website for security updates and upgrade to the latest version when one is available.

🔧 Temporary Workarounds

Restrict PDF uploads (scope: all)

Disable PDF upload functionality for all users or implement strict file type validation.

Implement Content Security Policy (scope: all)

Add CSP headers to prevent execution of inline JavaScript from uploaded files.

🧯 If You Can't Patch

  • Restrict admin account access to trusted personnel only and implement multi-factor authentication
  • Monitor PDF uploads and access logs for suspicious activity

🔍 How to Verify

Check if Vulnerable:

Check the Zenario version in the admin panel or configuration files. If it is 9.7.61188, the system is vulnerable.

Check Version:

Check the admin panel dashboard or examine the Zenario configuration files.

Verify Fix Applied:

Test the PDF upload functionality with a PDF containing embedded JavaScript to verify that it is sanitized or rejected.
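Both the "strict file type validation" workaround and the sanitization test above need a check that looks inside the PDF rather than at its extension or MIME type. The following is an added Python example, not Zenario's code: it scans uploaded bytes for PDF name tokens that carry or trigger active content, resolving #xx name escapes and inflating Flate-compressed streams so that a script action hidden in an object stream is still found; the three PDF fixtures and the acceptance policy are constructed for this example.

```python
import re
import zlib

# PDF name tokens that carry or trigger active content: /JS and /JavaScript hold
# script, /OpenAction and /AA run actions automatically, /Launch starts programs.
ACTIVE_CONTENT_NAMES = {"/JS", "/JavaScript", "/OpenAction", "/AA", "/Launch"}
MAX_INFLATED = 8 * 1024 * 1024  # cap on inflated stream size (guards against zip bombs)

_HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")
# A name runs from "/" to the next whitespace or delimiter character.
_NAME_TOKEN = re.compile(rb"/[^\x00\t\n\x0c\r ()<>\[\]{}/%]*")
_STREAM = re.compile(rb"\bstream\r?\n(.*?)\r?\nendstream", re.DOTALL)

def _decode_name(token: bytes) -> str:
    """Resolve #xx escapes: the spec lets /JavaScript be written as /J#61vaScript."""
    return _HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), token).decode("latin-1")

def _names_in(data: bytes) -> set:
    return {_decode_name(m.group(0)) for m in _NAME_TOKEN.finditer(data)}

def find_active_content(pdf_bytes: bytes) -> list:
    """Return the sorted active-content names found anywhere in the file."""
    found = _names_in(pdf_bytes) & ACTIVE_CONTENT_NAMES
    # Names inside Flate-compressed streams (object streams in particular) are
    # invisible to a plain byte scan, so inflate each stream and scan it as well.
    for m in _STREAM.finditer(pdf_bytes):
        try:
            inflated = zlib.decompressobj().decompress(m.group(1), MAX_INFLATED)
        except zlib.error:
            continue  # not Flate data (or damaged); its raw bytes were already scanned
        found |= _names_in(inflated) & ACTIVE_CONTENT_NAMES
    return sorted(found)

def is_acceptable_pdf(pdf_bytes: bytes) -> bool:
    """Upload policy (constructed): must carry the PDF signature and no active content."""
    return pdf_bytes.startswith(b"%PDF-") and not find_active_content(pdf_bytes)

# Constructed fixtures (not real Zenario uploads): a plain document, one with an
# auto-run script action, and one hiding the same names behind a #xx escape and
# a Flate-compressed object stream.
CLEAN_PDF = b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"
SCRIPTED_PDF = (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /OpenAction << /S /JavaScript"
                b" /JS (app.alert(1)) >> >>\nendobj\n%%EOF\n")
HIDDEN_PDF = (b"%PDF-1.7\n3 0 obj\n<< /Type /ObjStm /Filter /FlateDecode >>\nstream\n"
              + zlib.compress(b"<< /S /J#61vaScript /JS (app.alert(1)) >>")
              + b"\nendstream\nendobj\n%%EOF\n")

if __name__ == "__main__":
    for label, blob in (("clean", CLEAN_PDF), ("scripted", SCRIPTED_PDF), ("hidden", HIDDEN_PDF)):
        print(f"{label}: accept={is_acceptable_pdf(blob)} flags={find_active_content(blob)}")
```

A byte-level scan like this cannot see inside encrypted PDFs or non-Flate filters, so treat any file it cannot fully inspect as a rejection rather than a pass.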

📡 Detection & Monitoring

Log Indicators:

  • Unusual PDF uploads by admin users
  • Multiple PDF access requests from same IP

Network Indicators:

  • PDF files served by the site that contain JavaScript actions
  • Suspicious file upload patterns

SIEM Query:

source="zenario_logs" AND (event="file_upload" AND file_type="pdf")
