CVE-2023-53909
BaseFortify
Publication date: 2025-12-17
Last updated on: 2025-12-27
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wbce | wbce_cms | 1.6.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking for the presence of malicious SVG files uploaded to the media manager endpoint. Specifically, look for SVG files containing embedded <script> tags in the directory /wbce/media/. For example, you can use commands like:

1) To find SVG files containing script tags on the server: `grep -rl '<script' /path/to/wbce/media/*.svg`
2) To monitor HTTP POST requests to the vulnerable endpoint, you can use network monitoring tools or logs to detect multipart/form-data POST requests to /wbce/modules/elfinder/ef/php/connector.wbce.php with upload[] parameters.

Additionally, reviewing web server logs for suspicious uploads or accesses to SVG files may help identify exploitation attempts. [1, 2]
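As an added defender-side example (not code from the BaseFortify record or from WBCE), here is a Python checker that goes beyond a plain grep for `<script`: it parses each SVG as XML and flags script and foreignObject elements, `on*` event-handler attributes and `javascript:` hrefs, including ones obfuscated with character references. The sample SVG documents and the media directory path are constructed assumptions.

```python
import re
import sys
from pathlib import Path
import xml.etree.ElementTree as ET

# Constructed sample documents (not from the CVE record): one clean, three unsafe.
CLEAN_SVG = b'<?xml version="1.0"?><svg xmlns="http://www.w3.org/2000/svg"><circle r="5"/></svg>'
SCRIPT_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><script>/* placeholder */</script></svg>'
HANDLER_SVG = b'<svg xmlns="http://www.w3.org/2000/svg" onload="placeholder()"><rect width="1" height="1"/></svg>'
HREF_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">'
            b'<a xlink:href="java&#9;script:void(0)">link</a></svg>')


def _local(name):
    """Strip a namespace prefix such as '{http://www.w3.org/2000/svg}' and lower-case the name."""
    return name.rsplit("}", 1)[-1].lower()


def svg_findings(data: bytes):
    """Return the reasons an SVG document is unsafe to serve to other users; empty list means clean."""
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [f"unparseable XML: {exc}"]
    findings = []
    for elem in root.iter():
        tag = _local(elem.tag) if isinstance(elem.tag, str) else ""  # skip comments/PIs
        if tag in ("script", "foreignobject"):
            findings.append(f"<{tag}> element")
        for attr, value in elem.attrib.items():
            name = _local(attr)
            if name.startswith("on"):
                findings.append(f"event handler {name}")
            # Drop whitespace/control characters that character references can insert into the scheme.
            if name == "href" and re.sub(r"[\s\x00-\x1f]", "", value).lower().startswith("javascript:"):
                findings.append("javascript: URI in href")
    return findings


def scan_media_dir(media_dir):
    """Report every .svg under media_dir (e.g. the WBCE media folder) that has findings."""
    report = {}
    for path in Path(media_dir).rglob("*"):
        if path.is_file() and path.suffix.lower() == ".svg":
            hits = svg_findings(path.read_bytes())
            if hits:
                report[str(path)] = hits
    return report


if __name__ == "__main__":
    for path, hits in scan_media_dir(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(path, "->", "; ".join(hits))
```

Run it as `python check_svg.py /path/to/wbce/media` to list every uploaded SVG that warrants review or removal.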
Can you explain this vulnerability to me?
This vulnerability is a stored cross-site scripting (XSS) issue in WBCE CMS 1.6.1. It allows authenticated attackers to upload specially crafted SVG files containing malicious JavaScript through the media manager. When other users access these uploaded SVG files, the malicious JavaScript executes in their browsers.
How can this vulnerability impact me?
The vulnerability can lead to execution of malicious JavaScript in the context of users who access the uploaded SVG files. This can result in theft of user credentials, session hijacking, or other malicious actions performed on behalf of the victim user.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting or disabling SVG file uploads through the media manager to prevent attackers from uploading malicious SVG files. You should also implement input validation and sanitization to block SVG files containing script tags. Additionally, restrict access to the /wbce/modules/elfinder/ef/php/connector.wbce.php endpoint to authenticated and authorized users only. Monitoring and removing any suspicious SVG files already uploaded is recommended. Applying any available patches or updates from WBCE CMS developers addressing this vulnerability is also advised. [1, 2]