CVE-2022-31175

Опубликовано: 03 авг. 2022

Источник: nvd

CVSS3: 5.8

CVSS3: 4.7

EPSS Низкий

Описание

CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are @ckeditor/ckeditor5-markdown-gfm, @ckeditor/ckeditor5-html-support, and @ckeditor/ckeditor5-html-embed. The specific conditions are 1) Using one of the affected packages. In case of ckeditor5-html-support and ckeditor5-html-embed, additionally, it was required to use a configuration that allows unsafe markup inside the editor. 2) Destroying the editor instance and 3) Initializing the editor on an element and using an element other than <textarea> as a base. The root cause of the issue was a mechanism responsible for updating the source element with the markup coming from the CKEditor 5 data pipeline after destroying the editor. This vulnerability might affect a small percent of integ

Ссылки

https://ckeditor.com/docs/ckeditor5/latest/features/general-html-support.html
Vendor Advisory
https://ckeditor.com/docs/ckeditor5/latest/features/html-embed.html
Vendor Advisory
https://ckeditor.com/docs/ckeditor5/latest/features/markdown.html
Vendor Advisory
https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-42wq-rch8-6f6j
Third Party Advisory
https://ckeditor.com/docs/ckeditor5/latest/features/general-html-support.html
Vendor Advisory
https://ckeditor.com/docs/ckeditor5/latest/features/html-embed.html
Vendor Advisory
https://ckeditor.com/docs/ckeditor5/latest/features/markdown.html
Vendor Advisory
https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-42wq-rch8-6f6j
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ckeditor:ckeditor5-html-embed:*:*:*:*:*:node.js:*:*

Версия до 35.0.1 (исключая)

cpe:2.3:a:ckeditor:ckeditor5-html-support:*:*:*:*:*:node.js:*:*

Версия до 35.0.1 (исключая)

cpe:2.3:a:ckeditor:ckeditor5-markdown-gfm:*:*:*:*:*:node.js:*:*

Версия до 35.0.1 (исключая)

EPSS

Процентиль: 74%

0.00846

Низкий

5.8 Medium

CVSS3

4.7 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-31175

CVSS3: 5.8

ubuntu

больше 3 лет назад

CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are `@ckeditor/ckeditor5-markdown-gfm`, `@ckeditor/ckeditor5-html-support`, and `@ckeditor/ckeditor5-html-embed`. The specific conditions are 1) Using one of the affected packages. In case of `ckeditor5-html-support` and `ckeditor5-html-embed`, additionally, it was required to use a configuration that allows unsafe markup inside the editor. 2) Destroying the editor instance and 3) Initializing the editor on an element and using an element other than `<textarea>` as a base. The root cause of the issue was a mechanism responsible for updating the source element with the markup coming from the CKEditor 5 data pipeline after destroying the editor. This vulnerability might affect a small percent of in...

GHSA-42wq-rch8-6f6j

CVSS3: 5.8

github

больше 3 лет назад

CKEditor5 cross-site scripting vulnerability caused by the editor instance destroying process

EPSS

Процентиль: 74%

0.00846

Низкий

5.8 Medium

CVSS3

4.7 Medium

CVSS3

Дефекты

CWE-79