cve-2024-23817
Vulnerability from cvelistv5
Published
2024-01-25 19:42
Modified
2024-08-01 23:13
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Summary
Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Version 18.0.4 has a HTML Injection vulnerability in the Home page of the Dolibarr Application. This vulnerability allows an attacker to inject arbitrary HTML tags and manipulate the rendered content in the application's response. Specifically, I was able to successfully inject a new HTML tag into the returned document and, as a result, was able to comment out some part of the Dolibarr App Home page HTML code. This behavior can be exploited to perform various attacks like Cross-Site Scripting (XSS). To remediate the issue, validate and sanitize all user-supplied input, especially within HTML attributes, to prevent HTML injection attacks; and implement proper output encoding when rendering user-provided data to ensure it is treated as plain text rather than executable HTML.
References
security-advisories@github.comhttps://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5mExploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5mExploit, Vendor Advisory
Impacted products
Vendor Product Version
Dolibarr dolibarr Version: = 18.0.4
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:13:08.027Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5m",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5m"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "dolibarr",
          "vendor": "Dolibarr",
          "versions": [
            {
              "status": "affected",
              "version": "= 18.0.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Version 18.0.4 has a HTML Injection vulnerability in the Home page of the Dolibarr Application. This vulnerability allows an attacker to inject arbitrary HTML tags and manipulate the rendered content in the application\u0027s response. Specifically, I was able to successfully inject a new HTML tag into the returned document and, as a result, was able to comment out some part of the Dolibarr App Home page HTML code. This behavior can be exploited to perform various attacks like Cross-Site Scripting (XSS). To remediate the issue, validate and sanitize all user-supplied input, especially within HTML attributes, to prevent HTML injection attacks; and implement proper output encoding when rendering user-provided data to ensure it is treated as plain text rather than executable HTML."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T19:42:30.343Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5m",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5m"
        }
      ],
      "source": {
        "advisory": "GHSA-7947-48q7-cp5m",
        "discovery": "UNKNOWN"
      },
      "title": "Dolibarr Application Home Page HTML injection vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-23817",
    "datePublished": "2024-01-25T19:42:30.343Z",
    "dateReserved": "2024-01-22T22:23:54.337Z",
    "dateUpdated": "2024-08-01T23:13:08.027Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dolibarr:dolibarr_erp\\\\/crm:18.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D5B05B6-7210-47C5-8EFA-CDD5D03CB23C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Version 18.0.4 has a HTML Injection vulnerability in the Home page of the Dolibarr Application. This vulnerability allows an attacker to inject arbitrary HTML tags and manipulate the rendered content in the application\u0027s response. Specifically, I was able to successfully inject a new HTML tag into the returned document and, as a result, was able to comment out some part of the Dolibarr App Home page HTML code. This behavior can be exploited to perform various attacks like Cross-Site Scripting (XSS). To remediate the issue, validate and sanitize all user-supplied input, especially within HTML attributes, to prevent HTML injection attacks; and implement proper output encoding when rendering user-provided data to ensure it is treated as plain text rather than executable HTML.\"}, {\"lang\": \"es\", \"value\": \"Dolibarr es un paquete de software de planificaci\\u00f3n de recursos empresariales (ERP) y gesti\\u00f3n de relaciones con los clientes (CRM). La versi\\u00f3n 18.0.4 tiene una vulnerabilidad de inyecci\\u00f3n HTML en la p\\u00e1gina Home de la aplicaci\\u00f3n Dolibarr. Esta vulnerabilidad permite a un atacante inyectar etiquetas HTML arbitrarias y manipular el contenido representado en la respuesta de la aplicaci\\u00f3n. Espec\\u00edficamente, pude inyectar con \\u00e9xito una nueva etiqueta HTML en el documento devuelto y, como resultado, pude comentar alguna parte del c\\u00f3digo HTML de la p\\u00e1gina de inicio de la aplicaci\\u00f3n Dolibarr. Este comportamiento se puede aprovechar para realizar varios ataques como Cross-Site Scripting (XSS). Para solucionar el problema, valide y sanitice todas las entradas proporcionadas por el usuario, especialmente dentro de los atributos HTML, para evitar ataques de inyecci\\u00f3n de HTML; e implementar una codificaci\\u00f3n de salida adecuada al representar datos proporcionados por el usuario para garantizar que se traten como texto sin formato en lugar de HTML ejecutable.\"}]",
      "id": "CVE-2024-23817",
      "lastModified": "2024-11-21T08:58:28.927",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 4.2}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}]}",
      "published": "2024-01-25T20:15:41.313",
      "references": "[{\"url\": \"https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5m\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5m\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}, {\"lang\": \"en\", \"value\": \"CWE-80\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-23817\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-01-25T20:15:41.313\",\"lastModified\":\"2024-11-21T08:58:28.927\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Version 18.0.4 has a HTML Injection vulnerability in the Home page of the Dolibarr Application. This vulnerability allows an attacker to inject arbitrary HTML tags and manipulate the rendered content in the application\u0027s response. Specifically, I was able to successfully inject a new HTML tag into the returned document and, as a result, was able to comment out some part of the Dolibarr App Home page HTML code. This behavior can be exploited to perform various attacks like Cross-Site Scripting (XSS). To remediate the issue, validate and sanitize all user-supplied input, especially within HTML attributes, to prevent HTML injection attacks; and implement proper output encoding when rendering user-provided data to ensure it is treated as plain text rather than executable HTML.\"},{\"lang\":\"es\",\"value\":\"Dolibarr es un paquete de software de planificaci\u00f3n de recursos empresariales (ERP) y gesti\u00f3n de relaciones con los clientes (CRM). La versi\u00f3n 18.0.4 tiene una vulnerabilidad de inyecci\u00f3n HTML en la p\u00e1gina Home de la aplicaci\u00f3n Dolibarr. Esta vulnerabilidad permite a un atacante inyectar etiquetas HTML arbitrarias y manipular el contenido representado en la respuesta de la aplicaci\u00f3n. Espec\u00edficamente, pude inyectar con \u00e9xito una nueva etiqueta HTML en el documento devuelto y, como resultado, pude comentar alguna parte del c\u00f3digo HTML de la p\u00e1gina de inicio de la aplicaci\u00f3n Dolibarr. Este comportamiento se puede aprovechar para realizar varios ataques como Cross-Site Scripting (XSS). Para solucionar el problema, valide y sanitice todas las entradas proporcionadas por el usuario, especialmente dentro de los atributos HTML, para evitar ataques de inyecci\u00f3n de HTML; e implementar una codificaci\u00f3n de salida adecuada al representar datos proporcionados por el usuario para garantizar que se traten como texto sin formato en lugar de HTML ejecutable.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":4.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"},{\"lang\":\"en\",\"value\":\"CWE-80\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dolibarr:dolibarr_erp\\\\/crm:18.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D5B05B6-7210-47C5-8EFA-CDD5D03CB23C\"}]}]}],\"references\":[{\"url\":\"https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5m\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5m\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.