Lucene search

[email protected]NVD:CVE-2022-43996

HistoryDec 13, 2022 - 10:15 p.m.

CVE-2022-43996

2022-12-1322:15:10

CWE-79

[email protected]

web.nvd.nist.gov

csaf_provider

xss

csaf

document upload

html pages

javascript

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

23.0%

JSON

The csaf_provider package before 0.8.2 allows XSS via a crafted CSAF document uploaded as text/html. The endpoint upload allows valid CSAF advisories (JSON format) to be uploaded with Content-Type text/html and filenames ending in .html. When subsequently accessed via web browser, these advisories are served and interpreted as HTML pages. Such uploaded advisories can contain JavaScript code that will execute within the browser context of users inspecting the advisory.

Affected configurations

Nvd

Node

csaf_provider_projectcsaf_providerRange<0.8.2

VendorProductVersionCPE
csaf_provider_projectcsaf_provider*cpe:2.3:a:csaf_provider_project:csaf_provider:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
csaf_provider_project	csaf_provider	*	cpe:2.3:a:csaf_provider_project:csaf_provider::::::::

References

wid.cert-bund.de/.well-known/csaf/white/2022/bsi-2022-0003.json