Veracode Vulnerability Database: VERACODE:46309
History: Apr 10, 2024 - 7:57 a.m.

Tag Injection

Published: 2024-04-10 07:57:21
Source: Veracode Vulnerability Database (sca.analysiscenter.veracode.com)
Tags: contao, core-bundle, tag injection, simpletokenparser.php, validation, frontend forms, vulnerable

CVSS3: 3.1 Low
  Attack Vector: NETWORK
  Attack Complexity: HIGH
  Privileges Required: LOW
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: LOW
  Integrity Impact: NONE
  Availability Impact: NONE
  Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score: 6.9 Medium (Confidence: High)

EPSS: 0.0004 Low (Percentile: 15.5%)

contao/core-bundle is vulnerable to Tag Injection. The vulnerability is due to insufficient validation within SimpleTokenParser.php, allowing malicious users to inject tags via the form generator in frontend forms if the output is structured in a specific way.
