Lucene search

GoogleOSV:GHSA-RRVC-C7XG-7CF3

HistoryJun 06, 2024 - 9:36 p.m.

TokenController formName not sanitized in hidden input

2024-06-0621:36:40

Google

osv.dev

tokencontroller

formname

hidden input

xss

symfony request listener

vulnerability

upgrade

patch

software

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

Percentile

9.0%

JSON

Impact

TokenController get parameter formName not sanitized in returned input field leads to XSS.

What kind of vulnerability is it? Who is impacted?

Patches

Has the problem been patched? What versions should users upgrade to?

Workarounds

Is there a way for users to fix or remediate the vulnerability without upgrading?

Create a custom Symfony Request listener which checks for the get value of form for the TokenController and if not valid stop the request dispatching and return a error status code.

References

Are there any links users can visit to find out more?

References

github.com/sulu/SuluFormBundle

github.com/sulu/SuluFormBundle/commit/3f341b71a7309cbc8fd2c5bff894c654d1679b17

github.com/sulu/SuluFormBundle/security/advisories/GHSA-rrvc-c7xg-7cf3

nvd.nist.gov/vuln/detail/CVE-2024-37156

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

Percentile

9.0%

JSON

Related for OSV:GHSA-RRVC-C7XG-7CF3