CVE-2023-50924 (GCVE-0-2023-50924)
Vulnerability from cvelistv5 – Published: 2023-12-22 20:37 – Updated: 2024-11-27 15:33
VLAI?
Title
Stored XSS in Overview and Output fields
Summary
Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log overviews, allowing the injection and execution of Javascript code in another user's context. This vulnerability enables an authenticated user to inject Javascript into other user's sessions. The injected JS will be executed during normal usage of the system when viewing, e.g., overview pages. This issue has been fixed in version 3.4.1.
Severity ?
7.3 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| engelsystem | engelsystem |
Affected:
< 3.4.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:23:43.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-p5ch-rrpm-wvhm",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-p5ch-rrpm-wvhm"
},
{
"name": "https://github.com/engelsystem/engelsystem/commit/efda1ffc1ce59f02a7d237d9087adea26e73ec5f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/engelsystem/engelsystem/commit/efda1ffc1ce59f02a7d237d9087adea26e73ec5f"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50924",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-27T15:33:23.943034Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T15:33:49.900Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "engelsystem",
"vendor": "engelsystem",
"versions": [
{
"status": "affected",
"version": "\u003c 3.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log overviews, allowing the injection and execution of Javascript code in another user\u0027s context. This vulnerability enables an authenticated user to inject Javascript into other user\u0027s sessions. The injected JS will be executed during normal usage of the system when viewing, e.g., overview pages. This issue has been fixed in version 3.4.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-22T20:37:47.224Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-p5ch-rrpm-wvhm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-p5ch-rrpm-wvhm"
},
{
"name": "https://github.com/engelsystem/engelsystem/commit/efda1ffc1ce59f02a7d237d9087adea26e73ec5f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/engelsystem/engelsystem/commit/efda1ffc1ce59f02a7d237d9087adea26e73ec5f"
}
],
"source": {
"advisory": "GHSA-p5ch-rrpm-wvhm",
"discovery": "UNKNOWN"
},
"title": "Stored XSS in Overview and Output fields"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-50924",
"datePublished": "2023-12-22T20:37:47.224Z",
"dateReserved": "2023-12-15T20:57:23.174Z",
"dateUpdated": "2024-11-27T15:33:49.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:engelsystem:engelsystem:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.4.1\", \"matchCriteriaId\": \"7FFE9236-E9EA-4C61-908B-D8F668F22099\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log overviews, allowing the injection and execution of Javascript code in another user\u0027s context. This vulnerability enables an authenticated user to inject Javascript into other user\u0027s sessions. The injected JS will be executed during normal usage of the system when viewing, e.g., overview pages. This issue has been fixed in version 3.4.1.\"}, {\"lang\": \"es\", \"value\": \"Englesystem es un sistema de planificaci\\u00f3n de turnos para eventos de caos. Engelsystem anterior a v3.4.1 realizaba una validaci\\u00f3n insuficiente de los datos proporcionados por el usuario para los campos de DECT number, mobile number y work-log comment fields. Los valores de esos campos se mostrar\\u00edan en las descripciones generales de registros correspondientes, lo que permitir\\u00eda la inyecci\\u00f3n y ejecuci\\u00f3n de c\\u00f3digo Javascript en el contexto de otro usuario. Esta vulnerabilidad permite a un usuario autenticado inyectar Javascript en las sesiones de otros usuarios. El JS inyectado se ejecutar\\u00e1 durante el uso normal del sistema al visualizar, por ejemplo, p\\u00e1ginas de descripci\\u00f3n general. Este problema se solucion\\u00f3 en la versi\\u00f3n 3.4.1.\"}]",
"id": "CVE-2023-50924",
"lastModified": "2024-11-21T08:37:32.523",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.3, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 2.7}]}",
"published": "2023-12-22T21:15:08.370",
"references": "[{\"url\": \"https://github.com/engelsystem/engelsystem/commit/efda1ffc1ce59f02a7d237d9087adea26e73ec5f\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/engelsystem/engelsystem/security/advisories/GHSA-p5ch-rrpm-wvhm\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/engelsystem/engelsystem/commit/efda1ffc1ce59f02a7d237d9087adea26e73ec5f\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/engelsystem/engelsystem/security/advisories/GHSA-p5ch-rrpm-wvhm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-50924\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2023-12-22T21:15:08.370\",\"lastModified\":\"2024-11-21T08:37:32.523\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log overviews, allowing the injection and execution of Javascript code in another user\u0027s context. This vulnerability enables an authenticated user to inject Javascript into other user\u0027s sessions. The injected JS will be executed during normal usage of the system when viewing, e.g., overview pages. This issue has been fixed in version 3.4.1.\"},{\"lang\":\"es\",\"value\":\"Englesystem es un sistema de planificaci\u00f3n de turnos para eventos de caos. Engelsystem anterior a v3.4.1 realizaba una validaci\u00f3n insuficiente de los datos proporcionados por el usuario para los campos de DECT number, mobile number y work-log comment fields. Los valores de esos campos se mostrar\u00edan en las descripciones generales de registros correspondientes, lo que permitir\u00eda la inyecci\u00f3n y ejecuci\u00f3n de c\u00f3digo Javascript en el contexto de otro usuario. Esta vulnerabilidad permite a un usuario autenticado inyectar Javascript en las sesiones de otros usuarios. El JS inyectado se ejecutar\u00e1 durante el uso normal del sistema al visualizar, por ejemplo, p\u00e1ginas de descripci\u00f3n general. Este problema se solucion\u00f3 en la versi\u00f3n 3.4.1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:engelsystem:engelsystem:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.4.1\",\"matchCriteriaId\":\"7FFE9236-E9EA-4C61-908B-D8F668F22099\"}]}]}],\"references\":[{\"url\":\"https://github.com/engelsystem/engelsystem/commit/efda1ffc1ce59f02a7d237d9087adea26e73ec5f\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/engelsystem/engelsystem/security/advisories/GHSA-p5ch-rrpm-wvhm\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/engelsystem/engelsystem/commit/efda1ffc1ce59f02a7d237d9087adea26e73ec5f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/engelsystem/engelsystem/security/advisories/GHSA-p5ch-rrpm-wvhm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/engelsystem/engelsystem/security/advisories/GHSA-p5ch-rrpm-wvhm\", \"name\": \"https://github.com/engelsystem/engelsystem/security/advisories/GHSA-p5ch-rrpm-wvhm\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/engelsystem/engelsystem/commit/efda1ffc1ce59f02a7d237d9087adea26e73ec5f\", \"name\": \"https://github.com/engelsystem/engelsystem/commit/efda1ffc1ce59f02a7d237d9087adea26e73ec5f\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T22:23:43.905Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-50924\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-27T15:33:23.943034Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-27T15:33:45.816Z\"}}], \"cna\": {\"title\": \"Stored XSS in Overview and Output fields\", \"source\": {\"advisory\": \"GHSA-p5ch-rrpm-wvhm\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"engelsystem\", \"product\": \"engelsystem\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 3.4.1\"}]}], \"references\": [{\"url\": \"https://github.com/engelsystem/engelsystem/security/advisories/GHSA-p5ch-rrpm-wvhm\", \"name\": \"https://github.com/engelsystem/engelsystem/security/advisories/GHSA-p5ch-rrpm-wvhm\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/engelsystem/engelsystem/commit/efda1ffc1ce59f02a7d237d9087adea26e73ec5f\", \"name\": \"https://github.com/engelsystem/engelsystem/commit/efda1ffc1ce59f02a7d237d9087adea26e73ec5f\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log overviews, allowing the injection and execution of Javascript code in another user\u0027s context. This vulnerability enables an authenticated user to inject Javascript into other user\u0027s sessions. The injected JS will be executed during normal usage of the system when viewing, e.g., overview pages. This issue has been fixed in version 3.4.1.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2023-12-22T20:37:47.224Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-50924\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-27T15:33:49.900Z\", \"dateReserved\": \"2023-12-15T20:57:23.174Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2023-12-22T20:37:47.224Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…