Lucene search

GitHub Advisory DatabaseGHSA-PP74-G2Q5-J4JF

HistoryNov 21, 2022 - 11:59 p.m.

Silverstipe CMS Stored XSS in custom meta tags

2022-11-2123:59:26

CWE-79

GitHub Advisory Database

github.com

silverstripe

cms

custom metatag

xss

vulnerability

javascript payload

keyboard shortcut

exploit

software

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

31.7%

JSON

A malicious content author could create a custom meta tag and execute an arbitrary JavaScript payload. This would require convincing a legitimate user to access a page and enter a custom keyboard shortcut.
This requires CMS access to exploit.

Affected configurations

Vulners

Node

silverstriperegistryRange4.0.0–4.11.3silverstripe

VendorProductVersionCPE
silverstriperegistry*cpe:2.3:a:silverstripe:registry:*:*:*:*:*:silverstripe:*:*

Vendor	Product	Version	CPE
silverstripe	registry	*	cpe:2.3:a:silverstripe:registry::::::silverstripe::*

References

forum.silverstripe.org/c/releases

github.com/advisories/GHSA-pp74-g2q5-j4jf

github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/cms/CVE-2022-37421.yaml

nvd.nist.gov/vuln/detail/CVE-2022-37421

www.silverstripe.org/blog/tag/release

www.silverstripe.org/download/security-releases/

www.silverstripe.org/download/security-releases/cve-2022-37421