Lucene search

GitHub Advisory DatabaseGHSA-M988-7375-7G2C

HistorySep 25, 2023 - 5:34 p.m.

pimcore/admin-ui-classic-bundle Cross-site Scripting vulnerability in Translations

2023-09-2517:34:11

CWE-79

GitHub Advisory Database

github.com

pimcore

admin ui

cross-site scripting

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

18.4%

JSON

Impact

The translation value with text including “%s” (from “%suggest%) is parsed by sprintf() even though it’s supposed to be output literally to the user.

The translations may be accessible by a user with comparatively lower overall access (as the translation permission cannot be scoped to certain “modules”) and a skilled attacker might be able to exploit the parsing of the translation string in the dialog box.

Patches

https://github.com/pimcore/admin-ui-classic-bundle/commit/abd7739298f974319e3cac3fd4fcd7f995b63e4c.patch

Workarounds

Update to version 1.1.2 or apply this patches manually
https://github.com/pimcore/admin-ui-classic-bundle/commit/abd7739298f974319e3cac3fd4fcd7f995b63e4c.patch

Affected configurations

Vulners

Node

pimcoreadmin_classic_bundleRange<1.1.2pimcore

VendorProductVersionCPE
pimcoreadmin_classic_bundle*cpe:2.3:a:pimcore:admin_classic_bundle:*:*:*:*:*:pimcore:*:*

Vendor	Product	Version	CPE
pimcore	admin_classic_bundle	*	cpe:2.3:a:pimcore:admin_classic_bundle::::::pimcore::*

References

github.com/advisories/GHSA-m988-7375-7g2c

github.com/pimcore/admin-ui-classic-bundle/commit/abd7739298f974319e3cac3fd4fcd7f995b63e4c

github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-m988-7375-7g2c

nvd.nist.gov/vuln/detail/CVE-2023-42817