GHSA-rrvc-c7xg-7cf3

Published: 06 Jun 2024
Source: github
Github: Reviewed
CVSS3: 6.1

Description

TokenController formName not sanitized in hidden input

Impact

The TokenController GET parameter formName is not sanitized in the returned input field, which leads to XSS.

What kind of vulnerability is it? Who is impacted?

Patches

Has the problem been patched? What versions should users upgrade to?

Workarounds

Is there a way for users to fix or remediate the vulnerability without upgrading?

Create a custom Symfony request listener that checks the formName GET value of requests to the TokenController and, if it is not valid, stops request dispatching and returns an error status code.
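One way to implement that listener, as an added example that is not part of the advisory or of the sulu/form-bundle project: a kernel.request subscriber that rejects a formName outside a strict character allowlist before the controller runs. The route name sulu_form.token and the allowlist pattern are assumptions; the real route name comes from bin/console debug:router.

```php
<?php
// Added example, not project code. Assumes the TokenController route is named
// "sulu_form.token" (hypothetical) and that a form name only ever needs letters,
// digits, underscore and hyphen, so anything else is rejected with 400 before
// the tainted value can be reflected into the hidden input field.

namespace App\EventListener;

use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\KernelEvents;

final class FormNameGuardSubscriber implements EventSubscriberInterface
{
    // Hypothetical route name; replace with the one reported by debug:router.
    private const TOKEN_ROUTE = 'sulu_form.token';

    // Allowlist: no quotes, angle brackets or whitespace can ever pass.
    private const FORM_NAME_PATTERN = '/^[A-Za-z0-9_-]{1,64}$/';

    public static function getSubscribedEvents(): array
    {
        // Priority 16: after Symfony's RouterListener (32) has set "_route",
        // but still inside kernel.request, i.e. before the controller is resolved.
        return [KernelEvents::REQUEST => ['onKernelRequest', 16]];
    }

    public function onKernelRequest(RequestEvent $event): void
    {
        if (!$event->isMainRequest()) {
            return;
        }
        $request = $event->getRequest();
        if ($request->attributes->get('_route') !== self::TOKEN_ROUTE) {
            return;
        }
        if (!self::isValidFormName($request->query->get('formName'))) {
            // Setting a response here stops dispatching; the controller never runs.
            $event->setResponse(new Response('Invalid formName', Response::HTTP_BAD_REQUEST));
        }
    }

    public static function isValidFormName($formName): bool
    {
        return is_string($formName) && preg_match(self::FORM_NAME_PATTERN, $formName) === 1;
    }
}
```

With Symfony autoconfiguration the subscriber is registered automatically; it is a stopgap until the upgrade to 2.5.3, not a replacement for output escaping in the controller.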

References

Are there any links users can visit to find out more?

Packages

Name: sulu/form-bundle (composer)
Affected versions: >= 2.0.0, < 2.5.3
Fixed version: 2.5.3

EPSS

Percentile: 75%
0.0087
Low

6.1 Medium

CVSS3

Weaknesses

CWE-79
CWE-80

Related vulnerabilities

CVSS3: 6.1
nvd
more than 1 year ago

The SuluFormBundle adds support for creating dynamic forms in Sulu Admin. The TokenController GET parameter formName is not sanitized in the returned input field, which leads to XSS. This vulnerability is fixed in 2.5.3.

EPSS

Percentile: 75%
0.0087
Low

6.1 Medium

CVSS3

Weaknesses

CWE-79
CWE-80