CVE-2024-55451 is a stored Cross-Site Scripting (XSS) vulnerability identified in UJCMS version 9.6.3, specifically within the authenticated SVG file upload and viewing functionality. The root cause is insufficient sanitization of embedded attributes in SVG files uploaded by authenticated users. SVG files can contain embedded scripts or event handlers in attributes, and if these are not properly sanitized, they can execute arbitrary JavaScript when rendered in a user's browser. An attacker with valid credentials can upload a crafted SVG file containing malicious JavaScript. When other backend users view this SVG file, the malicious script executes in their browser context, potentially allowing the attacker to steal sensitive tokens such as session cookies or CSRF tokens. This can lead to session hijacking or unauthorized actions performed on behalf of the victim user. The vulnerability requires the attacker to be authenticated to upload the SVG and requires the victim to interact by viewing the malicious file. The CVSS 3.1 base score is 4.8 (medium), reflecting network attack vector, low attack complexity, high privileges required, user interaction required, and impacts on confidentiality and integrity but no impact on availability. No patches or known exploits are currently publicly available, but the vulnerability is documented and should be addressed promptly to avoid exploitation. The CWE classification is CWE-79, which corresponds to Cross-Site Scripting vulnerabilities.

The primary impact of CVE-2024-55451 is the potential compromise of confidentiality and integrity for backend users of UJCMS 9.6.3. Successful exploitation allows attackers to execute arbitrary JavaScript in the context of other authenticated users, leading to theft of sensitive tokens such as session cookies or CSRF tokens. This can result in session hijacking, unauthorized actions, or privilege escalation within the CMS backend. Organizations relying on UJCMS for content management and backend operations risk unauthorized access to sensitive administrative functions or data. Although availability is not impacted, the breach of confidentiality and integrity can lead to significant operational and reputational damage. The requirement for attacker authentication and victim interaction reduces the likelihood of widespread automated exploitation but does not eliminate targeted attacks. The vulnerability is particularly concerning in environments with multiple backend users and sensitive administrative workflows.

1. Apply patches or updates from UJCMS vendor as soon as they become available to address this vulnerability. 2. Implement strict SVG sanitization on upload, ensuring all embedded scripts, event handlers, and potentially dangerous attributes are removed or neutralized before storage or rendering. 3. Restrict SVG file uploads to trusted users only and consider disabling SVG uploads if not essential. 4. Employ Content Security Policy (CSP) headers to restrict the execution of inline scripts and reduce the impact of XSS attacks. 5. Educate backend users to be cautious when viewing uploaded SVG files from other users. 6. Monitor logs for suspicious upload or access patterns related to SVG files. 7. Consider additional application-layer filtering or scanning of uploaded files for malicious content. 8. Review and harden authentication and session management mechanisms to limit token exposure and reuse. 9. Conduct regular security assessments and penetration testing focusing on file upload and rendering functionalities.