GitHub_MCVELIST:CVE-2023-36828CVE-2023-36828 Statamic's Antlers sanitizer cannot effectively sanitize malicious SVG
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
EPSS
Percentile
40.2%
Statamic is a flat-first, Laravel and Git powered content management system. Prior to version 4.10.0, the SVG tag does not sanitize malicious SVG. Therefore, an attacker can exploit this vulnerability to perform cross-site scripting attacks using SVG, even when using the sanitize function. Version 4.10.0 contains a patch for this issue.
CNA Affected
[
{
"vendor": "statamic",
"product": "cms",
"versions": [
{
"version": "< 4.10.0",
"status": "affected"
}
]
}
]References
github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Http/Controllers/CP/Fieldtypes/FilesFieldtypeController.php#L15
github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Tags/Svg.php#L36-L40
github.com/statamic/cms/commit/c714893ad92de6e5ede17b501003441af505b30d
github.com/statamic/cms/pull/8408
github.com/statamic/cms/releases/tag/v4.10.0
github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
EPSS
Percentile
40.2%