
SS-2024-002 Reflected Cross Site Scripting (XSS) in error message

14 January 2025 at 16:20
Severity: None
Identifier: SS-2024-002
Versions Affected: silverstripe/framework: <5.3.8
Versions Fixed: silverstripe/framework: 5.3.8
Release Date: 2025-01-15

This vulnerability only affects sites which are in the "dev" environment mode. If your production website is in "dev" mode, it has been misconfigured, and you should immediately swap it to "live" mode.
See https://docs.silverstripe.org/en/developer_guides/debugging/environment_types/ for more information.

If a website has been set to the "dev" environment mode, a URL that includes an XSS payload can be provided, and the payload will be executed in the resulting error message.

Base CVSS: 0.0
Reported by: Gaurav Nayak from Chaleit

CVE-2024-53277 XSS in form messages

14 January 2025 at 16:20
Severity: Medium
Identifier: CVE-2024-53277
Versions Affected: silverstripe/framework: <5.3.8
Versions Fixed: silverstripe/framework: 5.3.8
Release Date: 2025-01-15

In some cases, form messages can contain HTML markup. This is an intentional feature, allowing links and other relevant HTML markup for the given message.

Some form messages include content that the user can provide. There are scenarios in the CMS where that content doesn't get correctly sanitised prior to being included in the form message, resulting in an XSS vulnerability.

Base CVSS: 5.4
Reported by: Leo Diamat from Bastion Security Group
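
The bug class described in this advisory, as an added example that is not Silverstripe's code or its fix: a message that is deliberately rendered as HTML and also carries a user-supplied value, first concatenated raw and then with each value escaped. The function names, the sample title and the sample URL are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

// Added illustration, not Silverstripe code. All function names are hypothetical.
// The message is rendered as HTML on purpose (it carries a link), and it also
// contains a value the user typed in.

/** Vulnerable pattern: user input concatenated straight into an HTML message. */
function buildMessageUnsafe(string $title, string $editUrl): string
{
    return 'Saved "' . $title . '". <a href="' . $editUrl . '">Edit again</a>';
}

/** Hardened pattern: escape every interpolated value, keep only our own markup. */
function buildMessageSafe(string $title, string $editUrl): string
{
    $flags = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5;
    return sprintf(
        'Saved "%s". <a href="%s">Edit again</a>',
        htmlspecialchars($title, $flags, 'UTF-8'),   // text context
        htmlspecialchars($editUrl, $flags, 'UTF-8')  // quoted attribute context
    );
}

/** Demo check only (not a sanitiser): any element other than our own <a>? */
function hasUnexpectedMarkup(string $html): bool
{
    return preg_match('/<(?!\/?a[\s>])/i', $html) === 1;
}

// Constructed sample input: a record title as a CMS user might submit it.
$title   = '<script>alert(1)</script>';
$editUrl = '/admin/pages/edit/show/1';  // constructed, application-generated

foreach (['unsafe' => 'buildMessageUnsafe', 'safe' => 'buildMessageSafe'] as $label => $fn) {
    $html = $fn($title, $editUrl);
    printf("%-6s %s\n       unexpected markup: %s\n", $label, $html,
        hasUnexpectedMarkup($html) ? 'yes' : 'no');
}
```

In Silverstripe code, `Convert::raw2xml()` is the framework's helper for the same escaping step.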

CVE-2024-47605 XSS via insert media remote file oembed

14 January 2025 at 16:20
Severity: Medium
Identifier: CVE-2024-47605
Versions Affected: silverstripe/framework: <5.3.8
Versions Fixed: silverstripe/framework: 5.3.8
Release Date: 2025-01-15

When using the "insert media" functionality, the linked oEmbed JSON includes an HTML attribute which will replace the embed shortcode. The HTML is not sanitized before replacing the shortcode, allowing a script payload to be executed on both the CMS and the front-end of the website.

See https://docs.silverstripe.org/en/developer_guides/forms/field_types/htmleditorfield/#sandboxing-oembed-html for details about configuring embed sandboxing.

Base CVSS: 5.4
Reported by: James Nicoll from Fujitsu Cyber Security Services
