Lucene search

GoogleOSV:GHSA-8JJH-J3C2-CJCV

HistoryNov 22, 2023 - 8:55 p.m.

Cross-site Scripting via uploaded assets

2023-11-2220:55:07

Google

osv.dev

cross-site scripting

uploaded assets

html files

mime validation

front-end forms

control panel

authentication

patched

software

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:H

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

20.6%

JSON

Impact

HTML files crafted to look like images may be uploaded regardless of mime validation. This is only applicable on front-end forms using the “Forms” feature containing an assets field, or within the control panel which requires authentication.

Patches

It has been patched on 3.4.15 and 4.36.0.

References

github.com/statamic/cms

github.com/statamic/cms/releases/tag/v3.4.15

github.com/statamic/cms/releases/tag/v4.36.0

github.com/statamic/cms/security/advisories/GHSA-8jjh-j3c2-cjcv

nvd.nist.gov/vuln/detail/CVE-2023-48701

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:H

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

20.6%

JSON

Related for OSV:GHSA-8JJH-J3C2-CJCV