GitHub_MCVELIST:CVE-2023-42452CVE-2023-42452 Mastodon vulnerable to Stored XSS through the translation feature
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.0004 Low
EPSS
Percentile
14.2%
Mastodon is a free, open-source social network server based on ActivityPub. In versions on the 4.x branch prior to versions 4.0.10, 4.2.8, and 4.2.0-rc2, under certain conditions, attackers can abuse the translation feature to bypass the server-side HTML sanitization, allowing unescaped HTML to execute in the browser. The impact is limited thanks to Mastodonβs strict Content Security Policy, blocking inline scripts, etc. However a CSP bypass or loophole could be exploited to execute malicious XSS. Furthermore, it requires user interaction, as this can only occur upon clicking the βTranslateβ button on a malicious post. Versions 4.0.10, 4.2.8, and 4.2.0-rc2 contain a patch for this issue.
CNA Affected
[
{
"vendor": "mastodon",
"product": "mastodon",
"versions": [
{
"version": ">= 4.0.0, < 4.0.10",
"status": "affected"
},
{
"version": ">= 4.1.0, < 4.1.8",
"status": "affected"
},
{
"version": ">= 4.2.0-beta1, < 4.2.0-rc2",
"status": "affected"
}
]
}
]Related
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.0004 Low
EPSS
Percentile
14.2%