Lucene search

GitHub Advisory DatabaseGHSA-XWMV-CX7P-FQFC

HistoryFeb 13, 2024 - 12:30 a.m.

caddy-security plugin for Caddy vulnerable to reflected Cross-site Scripting

2024-02-1300:30:27

GitHub Advisory Database

github.com

caddy

security plugin

reflected xss

get request

url

xss payload

admin

settings

mfa

vulnerable

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

The caddy-security plugin 1.1.20 for Caddy allows reflected XSS via a GET request to a URL that contains an XSS payload and begins with either a /admin or /settings/mfa/delete/ substring.

Affected configurations

Vulners

Node

github.com\/greenpau\/caddysecurityRange≤1.1.20

CPENameOperatorVersion
github.com/greenpau/caddy-securityle1.1.20

CPE	Name	Operator	Version
	github.com/greenpau/caddy-security	le	1.1.20

References

blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy

github.com/advisories/GHSA-xwmv-cx7p-fqfc

github.com/greenpau/caddy-security/issues/264

nvd.nist.gov/vuln/detail/CVE-2023-52430