Lucene search

GoogleOSV:CVE-2023-36828

HistoryJul 05, 2023 - 10:15 p.m.

CVE-2023-36828

2023-07-0522:15:10

Google

osv.dev

statamic

cross-site scripting

svg

vulnerability

patch

5.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.5%

JSON

Statamic is a flat-first, Laravel and Git powered content management system. Prior to version 4.10.0, the SVG tag does not sanitize malicious SVG. Therefore, an attacker can exploit this vulnerability to perform cross-site scripting attacks using SVG, even when using the sanitize function. Version 4.10.0 contains a patch for this issue.

CPENameOperatorVersion
cmseq3.2.15
cmseq3.3.63
cmseq3.3.16
cmseq3.0.36
cmseq3.0.1
cmseq3.0.38
cmseq3.3.0
cmseq3.1.3
cmseq3.3.17
cmseq3.0.43

Name	Operator	Version
cms	eq	3.2.15
cms	eq	3.3.63
cms	eq	3.3.16
cms	eq	3.0.36
cms	eq	3.0.1
cms	eq	3.0.38
cms	eq	3.3.0
cms	eq	3.1.3
cms	eq	3.3.17
cms	eq	3.0.43

Rows per page:

1-10 of 2891

References

github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Http/Controllers/CP/Fieldtypes/FilesFieldtypeController.php#L15

github.com/statamic/cms/blob/f806b6b007ddcf066082eef175653c5beaa96d60/src/Tags/Svg.php#L36-L40

github.com/statamic/cms/commit/c714893ad92de6e5ede17b501003441af505b30d

github.com/statamic/cms/pull/8408

github.com/statamic/cms/releases/tag/v4.10.0

github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g