CVE-2023-53891
BaseFortify
Publication date: 2025-12-15
Last updated on: 2025-12-17
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| blackcat-cms | blackcat_cms | 1.4 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2023-53891 is a stored cross-site scripting (XSS) vulnerability (CWE-79) in Blackcat CMS version 1.4. An authenticated user with rights to edit pages can place JavaScript in a page body through the page modification interface. The CMS stores that markup and later renders it without encoding it, so the script runs in the browser of every user who views the compromised page, which lets the attacker hijack sessions, deface the site, or perform actions with the victim's privileges. The root cause is missing or incomplete output encoding of user-supplied page content. [1, 3]
How can this vulnerability impact me?
An attacker who already holds an account able to edit pages can run arbitrary JavaScript in the browser of anyone who views the affected page. Because the payload is stored rather than reflected, it keeps firing for every visitor until the content is cleaned up. Consequences include session hijacking, defacement, theft of data visible to the victim, and requests made with the victim's privileges, which undermines the security of the site and the trust of its users. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
First confirm the installed Blackcat CMS version is 1.4. To verify the flaw itself, reproduce it: log in with an account that can edit pages, open the page modification interface at `/backend/pages/modify.php?page_id=1`, and add a test payload such as `<img src=x onerror=alert(4)>` to the page content. Then load the preview at `/page/welcome.php?preview=1`; if the alert fires, the content was rendered as live markup and the stored XSS is present. Two caveats: the payload is persisted, so test on a staging copy where possible and remove it afterwards, and use a unique marker in the payload (not just `4`) so a hit cannot be confused with content that was already on the page. No network-level detection commands are provided for this issue; the manual test above is the suggested method. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation: limit page-editing rights to trusted users (the attacker needs an account that can modify pages), review stored page content for injected script and remove it, and apply the vendor's fix or a patched Blackcat CMS release if one is available. The proper correction is context-appropriate output encoding of user-supplied content when it is rendered (in PHP, `htmlspecialchars` with `ENT_QUOTES`), or server-side sanitization of the stored HTML with an allow-list if editors legitimately need markup; input filtering alone is easy to bypass. A restrictive Content-Security-Policy reduces the impact of any script that does get through. If no patch exists, consider disabling the page modification feature temporarily or reducing user privileges until one is available. [1, 3]
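The manual check in the detection answer and the "review stored content for injected script" step in the mitigation answer can be turned into a small script. The following is an added Python example for this advisory, not code from the BaseFortify page or from Blackcat CMS: it generates a unique canary payload, classifies a fetched preview page as vulnerable (canary rendered as live markup), neutralized (canary visible only as text) or absent, and scans stored page bodies for constructs that execute script. The `render_preview` wrapper and its `page-content` div are constructed stand-ins for the CMS output so the script runs offline; in practice you fetch `/page/welcome.php?preview=1` with your authenticated session and pass the response body to `classify_preview`.

```python
"""Stored-XSS checks for CMS page content.

Added example for this advisory; not Blackcat CMS code. The preview wrapper
below is a constructed stand-in for the CMS page so the script runs offline.
"""
import html
import re
import secrets
from html.parser import HTMLParser

# Constructs that execute script once a browser parses them as markup.
ACTIVE_TAGS = {"script", "iframe", "object", "embed"}
EVENT_ATTR = re.compile(r"^on[a-z]+$", re.I)
URL_ATTRS = {"href", "src", "action", "formaction"}


def is_script_url(value: str) -> bool:
    """True for javascript: URLs, including spellings such as 'java\\tscript:'
    that browsers accept because they strip ASCII control characters first."""
    return re.sub(r"[\x00-\x20]", "", value).lower().startswith("javascript:")


class ActiveContentFinder(HTMLParser):
    """Collect (tag, attribute, value) triples that would run script.

    HTMLParser lowercases tag/attribute names and unescapes attribute values,
    so 'javascript&#58;alert(1)' is seen as 'javascript:alert(1)'."""

    def __init__(self):
        super().__init__()
        self.findings = []  # list of (tag, attribute or None, value or None)

    def handle_starttag(self, tag, attrs):
        if tag in ACTIVE_TAGS:
            self.findings.append((tag, None, None))
        for name, value in attrs:
            if EVENT_ATTR.match(name) or (name in URL_ATTRS and value and is_script_url(value)):
                self.findings.append((tag, name, value))


def find_active_content(fragment: str):
    """Scan stored page content (e.g. rows dumped from the pages table)."""
    parser = ActiveContentFinder()
    parser.feed(fragment)
    parser.close()
    return parser.findings


def make_canary():
    """Payload carrying a random token so a hit cannot be pre-existing content."""
    token = secrets.token_hex(4)
    return token, "<img src=x onerror=\"alert('%s')\">" % token


def classify_preview(preview_html: str, token: str) -> str:
    """vulnerable: canary came back as live markup (CWE-79);
    neutralized: token present only as text, i.e. output was encoded or stripped;
    absent: the canary was never stored."""
    if any(value and token in value for _, _, value in find_active_content(preview_html)):
        return "vulnerable"
    if token in preview_html:
        return "neutralized"
    return "absent"


def render_preview(body: str, encode: bool) -> str:
    """Constructed stand-in for the CMS preview page (assumption, not real markup).
    encode=False mirrors the bug (body inserted verbatim); encode=True is the fix,
    HTML-encoding on output, the equivalent of PHP htmlspecialchars with ENT_QUOTES."""
    out = html.escape(body, quote=True) if encode else body
    return "<html><body><div class=\"page-content\">%s</div></body></html>" % out


if __name__ == "__main__":
    token, canary = make_canary()
    stored = "Welcome to our site " + canary
    for encode in (False, True):
        print("encode=%s -> %s" % (encode, classify_preview(render_preview(stored, encode), token)))
    print(find_active_content('<a href="java\tscript:alert(1)">x</a><script>1</script>'))
```

`find_active_content` is the monitoring half: run it over every stored page body and alert on any finding, since a CMS that encodes on output should never need raw event handlers or `javascript:` URLs in its content. It parses the HTML rather than grepping for `<script` because the attack payload in this advisory contains no script tag at all.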