Zend-Navigation vulnerable to Cross-site Scripting

2024-06-0722:06:01

CWE-352

GitHub Advisory Database

github.com

zend framework 2

cross-site scripting

xss

vulnerability

view helpers

html attributes

user data

javascript

attack vectors

form

navigation

html element

gravatar

5.8 Medium

AI Score

Confidence

High

JSON

Many Zend Framework 2 view helpers were using the escapeHtml() view helper in order to escape HTML attributes, instead of the more appropriate escapeHtmlAttr(). In situations where user data and/or JavaScript is used to seed attributes, this can lead to potential cross site scripting (XSS) attack vectors.

Vulnerable view helpers include:

All Zend\Form view helpers.
Most Zend\Navigation (aka Zend\View\Helper\Navigation\*) view helpers.
All “HTML Element” view helpers: htmlFlash(), htmlPage(), htmlQuickTime().
Zend\View\Helper\Gravatar

Affected configurations

Vulners

Node

zendframeworkzend-navigationRange<2.3.1

zendframeworkzend-navigationRange<2.2.7

CPENameOperatorVersion
zendframework/zend-navigationlt2.3.1
zendframework/zend-navigationlt2.2.7

CPE	Name	Operator	Version
	zendframework/zend-navigation	lt	2.3.1
	zendframework/zend-navigation	lt	2.2.7

References

framework.zend.com/security/advisory/ZF2014-03

github.com/advisories/GHSA-6v7p-5qcq-268c

github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zend-navigation/ZF2014-03.yaml

5.8 Medium

AI Score

Confidence

High

JSON