CVE-2022-3708

2022-10-2819:15:10

CWE-918

[email protected]

web.nvd.nist.gov

web stories

wordpress

ssrf

vulnerability

nvd

server-side request forgery

information security

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

The Web Stories plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including 1.24.0 due to insufficient validation of URLs supplied via the ‘url’ parameter found via the /v1/hotlink/proxy REST API Endpoint. This makes it possible for authenticated users to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

Affected configurations

Vulners

NVD

Node

googleweb_storiesRange≤1.24.0

VendorProductVersionCPE
googleweb_stories*cpe:2.3:a:google:web_stories:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	web_stories	*	cpe:2.3:a:google:web_stories::::::::

CNA Affected

[
  {
    "vendor": "google",
    "product": "Web Stories",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "1.24.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]