Описание
Stored XSS using uppercase characters in HTMLEditor
A malicious content author could add a Javascript payload to the href attribute of a link. A similar issue was identified and fixed via CVE-2022-28803. However, the fix didn't account for the casing of the href attribute. An attacker must have access to the CMS to exploit this issue.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-37430
- https://forum.silverstripe.org/c/releases
- https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2022-37430.yaml
- https://www.silverstripe.org/blog/tag/release
- https://www.silverstripe.org/download/security-releases
- https://www.silverstripe.org/download/security-releases/cve-2022-37430
Пакеты
Наименование
silverstripe/framework
composer
Затронутые версииВерсия исправления
>= 4.0.0, < 4.11.13
4.11.13
Связанные уязвимости
CVSS3: 5.4
nvd
около 3 лет назад
Silverstripe silverstripe/framework through 4.11 allows XSS vulnerability via href attribute of a link (issue 2 of 2).