Lucene search

GitHub Advisory DatabaseGHSA-XMJH-WJC5-WG4H

HistoryMay 14, 2022 - 1:19 a.m.

Silverstripe CMS XSS Vulnerability

2022-05-1401:19:31

CWE-79

GitHub Advisory Database

github.com

silverstripe

xss

vulnerability

page name

javascript

svg

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

32.7%

JSON

There is XSS in SilverStripe CMS before 3.4.4 and 3.5.x before 3.5.2. The attack vector is a page name. An example payload is a crafted JavaScript event handler within a malformed SVG element.

Affected configurations

Vulners

Node

silverstriperegistryRange3.5.0–3.5.2silverstripe

silverstriperegistryRange<3.4.4silverstripe

VendorProductVersionCPE
silverstriperegistry*cpe:2.3:a:silverstripe:registry:*:*:*:*:*:silverstripe:*:*

Vendor	Product	Version	CPE
silverstripe	registry	*	cpe:2.3:a:silverstripe:registry::::::silverstripe::*

References

github.com/advisories/GHSA-xmjh-wjc5-wg4h

nvd.nist.gov/vuln/detail/CVE-2017-5197

web.archive.org/web/20210123234141/www.securityfocus.com/bid/96572

www.silverstripe.org/download/security-releases/

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

32.7%

JSON

Related for GHSA-XMJH-WJC5-WG4H