cvelistv5 - cve-2024-34349

CVE-2024-34349 (GCVE-0-2024-34349)

Vulnerability from cvelistv5 – Published: 2024-05-10 15:29 – Updated: 2024-08-02 02:51

Title

Sylius potentially vulnerable to Cross Site Scripting via "Name" field (Taxons, Products, Options, Variants) in Admin Panel

Summary

Sylius is an open source eCommerce platform. Prior to 1.12.16 and 1.13.1, there is a possibility to execute javascript code in the Admin panel. In order to perform an XSS attack input a script into Name field in which of the resources: Taxons, Products, Product Options or Product Variants. The code will be executed while using an autocomplete field with one of the listed entities in the Admin Panel. Also for the taxons in the category tree on the product form.The issue is fixed in versions: 1.12.16, 1.13.1.

Severity ?

4.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/Sylius/Sylius/security/advisor…	x_refsource_CONFIRM
	https://github.com/Sylius/Sylius/commit/ba4b66da5…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Sylius	Sylius	Affected: < 1.12.16 Affected: >= 1.13.0-alpha.1, < 1.13.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-34349",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-10T18:30:14.256886Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:42:11.744Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T02:51:11.424Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r"
          },
          {
            "name": "https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Sylius",
          "vendor": "Sylius",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.12.16"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.13.0-alpha.1, \u003c 1.13.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Sylius is an open source eCommerce platform. Prior to 1.12.16 and 1.13.1, there is a possibility to execute javascript code in the Admin panel. In order to perform an XSS attack input a script into Name field in which of the resources: Taxons, Products, Product Options or Product Variants. The code will be executed while using an autocomplete field with one of the listed entities in the Admin Panel. Also for the taxons in the category tree on the product form.The issue is fixed in versions: 1.12.16, 1.13.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-08T12:35:38.149Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r"
        },
        {
          "name": "https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12"
        }
      ],
      "source": {
        "advisory": "GHSA-v2f9-rv6w-vw8r",
        "discovery": "UNKNOWN"
      },
      "title": "Sylius potentially vulnerable to Cross Site Scripting via \"Name\" field (Taxons, Products, Options, Variants) in Admin Panel"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-34349",
    "datePublished": "2024-05-10T15:29:39.791Z",
    "dateReserved": "2024-05-02T06:36:32.437Z",
    "dateUpdated": "2024-08-02T02:51:11.424Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Sylius is an open source eCommerce platform. Prior to 1.12.16 and 1.13.1, there is a possibility to execute javascript code in the Admin panel. In order to perform an XSS attack input a script into Name field in which of the resources: Taxons, Products, Product Options or Product Variants. The code will be executed while using an autocomplete field with one of the listed entities in the Admin Panel. Also for the taxons in the category tree on the product form.The issue is fixed in versions: 1.12.16, 1.13.1.\"}, {\"lang\": \"es\", \"value\": \"Sylius es una plataforma de comercio electr\\u00f3nico de c\\u00f3digo abierto. Antes de 1.12.16 y 1.13.1, existe la posibilidad de ejecutar c\\u00f3digo javascript en el panel de administraci\\u00f3n. Para realizar un ataque XSS, ingrese un script en el campo Nombre en cu\\u00e1l de los recursos: Taxones, Productos, Opciones de producto o Variantes de producto. El c\\u00f3digo se ejecutar\\u00e1 mientras se utiliza un campo de autocompletar con una de las entidades enumeradas en el Panel de administraci\\u00f3n. Tambi\\u00e9n para los taxones en el \\u00e1rbol de categor\\u00edas en el formulario del producto. El problema se solucion\\u00f3 en las versiones: 1.12.16, 1.13.1.\"}]",
      "id": "CVE-2024-34349",
      "lastModified": "2024-11-21T09:18:28.893",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.7, \"impactScore\": 2.7}]}",
      "published": "2024-05-14T15:38:41.397",
      "references": "[{\"url\": \"https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-34349\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-05-14T15:38:41.397\",\"lastModified\":\"2024-11-21T09:18:28.893\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Sylius is an open source eCommerce platform. Prior to 1.12.16 and 1.13.1, there is a possibility to execute javascript code in the Admin panel. In order to perform an XSS attack input a script into Name field in which of the resources: Taxons, Products, Product Options or Product Variants. The code will be executed while using an autocomplete field with one of the listed entities in the Admin Panel. Also for the taxons in the category tree on the product form.The issue is fixed in versions: 1.12.16, 1.13.1.\"},{\"lang\":\"es\",\"value\":\"Sylius es una plataforma de comercio electr\u00f3nico de c\u00f3digo abierto. Antes de 1.12.16 y 1.13.1, existe la posibilidad de ejecutar c\u00f3digo javascript en el panel de administraci\u00f3n. Para realizar un ataque XSS, ingrese un script en el campo Nombre en cu\u00e1l de los recursos: Taxones, Productos, Opciones de producto o Variantes de producto. El c\u00f3digo se ejecutar\u00e1 mientras se utiliza un campo de autocompletar con una de las entidades enumeradas en el Panel de administraci\u00f3n. Tambi\u00e9n para los taxones en el \u00e1rbol de categor\u00edas en el formulario del producto. El problema se solucion\u00f3 en las versiones: 1.12.16, 1.13.1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.7,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"references\":[{\"url\":\"https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r\", \"name\": \"https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12\", \"name\": \"https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T02:51:11.424Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-34349\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-10T18:30:14.256886Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-10T18:30:17.286Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"Sylius potentially vulnerable to Cross Site Scripting via \\\"Name\\\" field (Taxons, Products, Options, Variants) in Admin Panel\", \"source\": {\"advisory\": \"GHSA-v2f9-rv6w-vw8r\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 4.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Sylius\", \"product\": \"Sylius\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.12.16\"}, {\"status\": \"affected\", \"version\": \"\u003e= 1.13.0-alpha.1, \u003c 1.13.1\"}]}], \"references\": [{\"url\": \"https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r\", \"name\": \"https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12\", \"name\": \"https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Sylius is an open source eCommerce platform. Prior to 1.12.16 and 1.13.1, there is a possibility to execute javascript code in the Admin panel. In order to perform an XSS attack input a script into Name field in which of the resources: Taxons, Products, Product Options or Product Variants. The code will be executed while using an autocomplete field with one of the listed entities in the Admin Panel. Also for the taxons in the category tree on the product form.The issue is fixed in versions: 1.12.16, 1.13.1.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-07-08T12:35:38.149Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-34349\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-02T02:51:11.424Z\", \"dateReserved\": \"2024-05-02T06:36:32.437Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-05-10T15:29:39.791Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-V2F9-RV6W-VW8R

Vulnerability from github – Published: 2024-05-10 15:33 – Updated: 2024-07-08 12:45

Summary

Sylius potentially vulnerable to Cross Site Scripting via "Name" field (Taxons, Products, Options, Variants) in Admin Panel

Details

Impact

There is a possibility to execute javascript code in the Admin panel. In order to perform an XSS attack input a script into Name field in which of the resources: Taxons, Products, Product Options or Product Variants. The code will be executed while using an autocomplete field with one of the listed entities in the Admin Panel. Also for the taxons in the category tree on the product form.

Patches

The issue is fixed in versions: 1.12.16, 1.13.1 and above.

Workarounds

Create new file assets/admin/sylius-lazy-choice-tree.js:

// assets/admin/sylius-lazy-choice-tree.js

function sanitizeInput(input) {
  const div = document.createElement('div');
  div.textContent = input;
  return div.innerHTML; // Converts text content to plain HTML, stripping any scripts
}

const createRootContainer = function createRootContainer() {
  return $('<div class="ui list"></div>');
};

const createLeafContainerElement = function createLeafContainerElement() {
  return $('<div class="list"></div>');
};

const createLeafIconElement = function createLeafIconElement() {
  return $('<i class="folder icon"></i>');
};

const createLeafTitleElement = function createLeafTitleElement() {
  return $('<div class="header"></div>');
};

const createLeafTitleSpan = function createLeafTitleSpan(displayName) {
  return $(`<span style="margin-right: 5px; cursor: pointer;">${displayName}</span>`);
};

const createLeafContentElement = function createLeafContentElement() {
  return $('<div class="content"></div>');
};

$.fn.extend({
  choiceTree(type, multiple, defaultLevel) {
    const tree = this;
    const loader = tree.find('.dimmer');
    const loadedLeafs = [];
    const $input = tree.find('input[type="hidden"]');

    const createCheckboxElement = function createCheckboxElement(name, code, multi) {
      const chosenNodes = $input.val().split(',');
      let checked = '';
      if (chosenNodes.some(chosenCode => chosenCode === code)) {
        checked = 'checked="checked"';
      }
      if (multi) {
        return $(`<div class="ui checkbox" data-value="${code}"><input ${checked} type="checkbox" name="${type}"></div>`);
      }

      return $(`<div class="ui radio checkbox" data-value="${code}"><input ${checked} type="radio" name="${type}"></div>`);
    };

    const isLeafLoaded = function isLeafLoaded(code) {
      return loadedLeafs.some(leafCode => leafCode === code);
    };

    let createLeafFunc;

    const loadLeafAction = function loadLeafAction(parentCode, expandButton, content, icon, leafContainerElement) {
      icon.toggleClass('open');

      if (!isLeafLoaded(parentCode)) {
        expandButton.api({
          on: 'now',
          url: tree.data('tree-leafs-url') || tree.data('taxon-leafs-url'),
          method: 'GET',
          cache: false,
          data: {
            parentCode,
          },
          beforeSend(settings) {
            loader.addClass('active');

            return settings;
          },
          onSuccess(response) {
            response.forEach((leafNode) => {
              leafContainerElement.append((
                createLeafFunc(sanitizeInput(leafNode.name), leafNode.code, leafNode.hasChildren, multiple, leafNode.level)
              ));
            });
            content.append(leafContainerElement);
            loader.removeClass('active');
            loadedLeafs.push(parentCode);

            leafContainerElement.toggle();
          },
        });
      }

      leafContainerElement.toggle();
    };

    const bindExpandLeafAction = function bindExpandLeafAction(parentCode, expandButton, content, icon, level) {
      const leafContainerElement = createLeafContainerElement();
      if (defaultLevel > level) {
        loadLeafAction(parentCode, expandButton, content, icon, leafContainerElement);
      }

      expandButton.click(() => {
        loadLeafAction(parentCode, expandButton, content, icon, leafContainerElement);
      });
    };

    const bindCheckboxAction = function bindCheckboxAction(checkboxElement) {
      checkboxElement.checkbox({
        onChecked() {
          const { value } = checkboxElement[0].dataset;
          const checkedValues = $input.val().split(',').filter(Boolean);
          checkedValues.push(value);
          $input.val(checkedValues.join());
        },
        onUnchecked() {
          const { value } = checkboxElement[0].dataset;
          const checkedValues = $input.val().split(',').filter(Boolean);
          const i = checkedValues.indexOf(value);
          if (i !== -1) {
            checkedValues.splice(i, 1);
          }
          $input.val(checkedValues.join());
        },
      });
    };

    const createLeaf = function createLeaf(name, code, hasChildren, multipleChoice, level) {
      const displayNameElement = createLeafTitleSpan(name);
      const titleElement = createLeafTitleElement();
      const iconElement = createLeafIconElement();
      const checkboxElement = createCheckboxElement(name, code, multipleChoice);

      bindCheckboxAction(checkboxElement);

      const leafElement = $('<div class="item"></div>');
      const leafContentElement = createLeafContentElement();

      leafElement.append(iconElement);
      titleElement.append(displayNameElement);
      titleElement.append(checkboxElement);
      leafContentElement.append(titleElement);

      if (!hasChildren) {
        iconElement.addClass('outline');
      }
      if (hasChildren) {
        bindExpandLeafAction(code, displayNameElement, leafContentElement, iconElement, level);
      }
      leafElement.append(leafContentElement);

      return leafElement;
    };
    createLeafFunc = createLeaf;

    tree.api({
      on: 'now',
      method: 'GET',
      url: tree.data('tree-root-nodes-url') || tree.data('taxon-root-nodes-url'),
      cache: false,
      beforeSend(settings) {
        loader.addClass('active');

        return settings;
      },
      onSuccess(response) {
        const rootContainer = createRootContainer();
        response.forEach((rootNode) => {
          rootContainer.append((
            createLeaf(sanitizeInput(rootNode.name), rootNode.code, rootNode.hasChildren, multiple, rootNode.level)
          ));
        });
        tree.append(rootContainer);
        loader.removeClass('active');
      },
    });
  },
});

Create new file assets/admin/sylius-auto-complete.js:

// assets/admin/sylius-auto-complete.js

function sanitizeInput(input) {
  const div = document.createElement('div');
  div.textContent = input;
  return div.innerHTML; // Converts text content to plain HTML, stripping any scripts
}

$.fn.extend({
  autoComplete() {
    this.each((idx, el) => {
      const element = $(el);
      const criteriaName = element.data('criteria-name');
      const choiceName = element.data('choice-name');
      const choiceValue = element.data('choice-value');
      const autocompleteValue = element.find('input.autocomplete').val();
      const loadForEditUrl = element.data('load-edit-url');

      element.dropdown({
        delay: {
          search: 250,
        },
        forceSelection: false,
        saveRemoteData: false,
        verbose: true,
        apiSettings: {
          dataType: 'JSON',
          cache: false,
          beforeSend(settings) {
            /* eslint-disable-next-line no-param-reassign */
            settings.data[criteriaName] = settings.urlData.query;

            return settings;
          },
          onResponse(response) {
            let results = response.map(item => ({
              name: sanitizeInput(item[choiceName]),
              value: sanitizeInput(item[choiceValue]),
            }));

            if (!element.hasClass('multiple')) {
              results.unshift({
                name: '&nbsp;',
                value: '',
              });
            }

            return {
              success: true,
              results: results,
            };
          },
        },
      });

      if (autocompleteValue.split(',').filter(String).length > 0) {
        const menuElement = element.find('div.menu');

        menuElement.api({
          on: 'now',
          method: 'GET',
          url: loadForEditUrl,
          beforeSend(settings) {
            /* eslint-disable-next-line no-param-reassign */
            settings.data[choiceValue] = autocompleteValue.split(',').filter(String);

            return settings;
          },
          onSuccess(response) {
            response.forEach((item) => {
              menuElement.append((
                $(`<div class="item" data-value="${item[choiceValue]}">${item[choiceName]}</div>`)
              ));
            });

            element.dropdown('refresh');
            element.dropdown('set selected', element.find('input.autocomplete').val().split(',').filter(String));
          },
        });
      }
    });
  },
});

Create new file assets/admin/sylius-product-auto-complete.js:

// assets/admin/sylius-product-auto-complete.js

function sanitizeInput(input) {
  const div = document.createElement('div');
  div.textContent = input;
  return div.innerHTML; // Converts text content to plain HTML, stripping any scripts
}

$.fn.extend({
  productAutoComplete() {
    this.each((index, element) => {
      const $element = $(element);
      $element.dropdown('set selected', $element.find('input[name*="[associations]"]').val().split(',').filter(String));
    });

    this.dropdown({
      delay: {
        search: 250,
      },
      forceSelection: false,
      apiSettings: {
        dataType: 'JSON',
        cache: false,
        data: {
          criteria: { search: { type: 'contains', value: '' } },
        },
        beforeSend(settings) {
          /* eslint-disable-next-line no-param-reassign */
          settings.data.criteria.search.value = settings.urlData.query;

          return settings;
        },
        onResponse(response) {
          return {
            success: true,
            results: response._embedded.items.map(item => ({
              name: sanitizeInput(item.name),
              value: sanitizeInput(item.code),
            })),
          };
        },
      },
      onAdd(addedValue, addedText, $addedChoice) {
        const inputAssociation = $addedChoice.parents('.product-select').find('input[name*="[associations]"]');
        const associatedProductCodes = inputAssociation.val().length > 0 ? inputAssociation.val().split(',').filter(String) : [];

        associatedProductCodes.push(addedValue);
        $.unique(associatedProductCodes.sort());

        inputAssociation.attr('value', associatedProductCodes.join());
      },
      onRemove(removedValue, removedText, $removedChoice) {
        const inputAssociation = $removedChoice.parents('.product-select').find('input[name*="[associations]"]');
        const associatedProductCodes = inputAssociation.val().length > 0 ? inputAssociation.val().split(',').filter(String) : [];

        associatedProductCodes.splice($.inArray(removedValue, associatedProductCodes), 1);

        inputAssociation.attr('value', associatedProductCodes.join());
      },
    });
  },
});

Add new import in assets/admin/entry.js:

// assets/admin/entry.js
// ...
import './sylius-lazy-choice-tree';
import './sylius-auto-complete';
import './sylius-product-auto-complete';

Rebuild your assets:

yarn build

Acknowledgements

This security issue has been reported by Checkmarx Research Group, thank you!

For more information

If you have any questions or comments about this advisory: * Open an issue in Sylius issues * Email us at security@sylius.com

Severity ?

4.8 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

4.8 (Medium)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "sylius/sylius"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.12.0-alpha.1"
            },
            {
              "fixed": "1.12.16"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "sylius/sylius"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.13.0-alpha.1"
            },
            {
              "fixed": "1.13.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-34349"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-10T15:33:01Z",
    "nvd_published_at": "2024-05-14T15:38:41Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nThere is a possibility to execute javascript code in the Admin panel. In order to perform an XSS attack input a script into `Name` field in which of the resources: Taxons, Products, Product Options or Product Variants. The code will be executed while using an autocomplete field with one of the listed entities in the Admin Panel. Also for the taxons in the category tree on the product form. \n\n### Patches\nThe issue is fixed in versions: 1.12.16, 1.13.1 and above.\n\n### Workarounds\n\n1. Create new file `assets/admin/sylius-lazy-choice-tree.js`:\n\n```js\n// assets/admin/sylius-lazy-choice-tree.js\n\nfunction sanitizeInput(input) {\n  const div = document.createElement(\u0027div\u0027);\n  div.textContent = input;\n  return div.innerHTML; // Converts text content to plain HTML, stripping any scripts\n}\n\nconst createRootContainer = function createRootContainer() {\n  return $(\u0027\u003cdiv class=\"ui list\"\u003e\u003c/div\u003e\u0027);\n};\n\nconst createLeafContainerElement = function createLeafContainerElement() {\n  return $(\u0027\u003cdiv class=\"list\"\u003e\u003c/div\u003e\u0027);\n};\n\nconst createLeafIconElement = function createLeafIconElement() {\n  return $(\u0027\u003ci class=\"folder icon\"\u003e\u003c/i\u003e\u0027);\n};\n\nconst createLeafTitleElement = function createLeafTitleElement() {\n  return $(\u0027\u003cdiv class=\"header\"\u003e\u003c/div\u003e\u0027);\n};\n\nconst createLeafTitleSpan = function createLeafTitleSpan(displayName) {\n  return $(`\u003cspan style=\"margin-right: 5px; cursor: pointer;\"\u003e${displayName}\u003c/span\u003e`);\n};\n\nconst createLeafContentElement = function createLeafContentElement() {\n  return $(\u0027\u003cdiv class=\"content\"\u003e\u003c/div\u003e\u0027);\n};\n\n$.fn.extend({\n  choiceTree(type, multiple, defaultLevel) {\n    const tree = this;\n    const loader = tree.find(\u0027.dimmer\u0027);\n    const loadedLeafs = [];\n    const $input = tree.find(\u0027input[type=\"hidden\"]\u0027);\n\n    const createCheckboxElement = function createCheckboxElement(name, code, multi) {\n      const chosenNodes = $input.val().split(\u0027,\u0027);\n      let checked = \u0027\u0027;\n      if (chosenNodes.some(chosenCode =\u003e chosenCode === code)) {\n        checked = \u0027checked=\"checked\"\u0027;\n      }\n      if (multi) {\n        return $(`\u003cdiv class=\"ui checkbox\" data-value=\"${code}\"\u003e\u003cinput ${checked} type=\"checkbox\" name=\"${type}\"\u003e\u003c/div\u003e`);\n      }\n\n      return $(`\u003cdiv class=\"ui radio checkbox\" data-value=\"${code}\"\u003e\u003cinput ${checked} type=\"radio\" name=\"${type}\"\u003e\u003c/div\u003e`);\n    };\n\n    const isLeafLoaded = function isLeafLoaded(code) {\n      return loadedLeafs.some(leafCode =\u003e leafCode === code);\n    };\n\n    let createLeafFunc;\n\n    const loadLeafAction = function loadLeafAction(parentCode, expandButton, content, icon, leafContainerElement) {\n      icon.toggleClass(\u0027open\u0027);\n\n      if (!isLeafLoaded(parentCode)) {\n        expandButton.api({\n          on: \u0027now\u0027,\n          url: tree.data(\u0027tree-leafs-url\u0027) || tree.data(\u0027taxon-leafs-url\u0027),\n          method: \u0027GET\u0027,\n          cache: false,\n          data: {\n            parentCode,\n          },\n          beforeSend(settings) {\n            loader.addClass(\u0027active\u0027);\n\n            return settings;\n          },\n          onSuccess(response) {\n            response.forEach((leafNode) =\u003e {\n              leafContainerElement.append((\n                createLeafFunc(sanitizeInput(leafNode.name), leafNode.code, leafNode.hasChildren, multiple, leafNode.level)\n              ));\n            });\n            content.append(leafContainerElement);\n            loader.removeClass(\u0027active\u0027);\n            loadedLeafs.push(parentCode);\n\n            leafContainerElement.toggle();\n          },\n        });\n      }\n\n      leafContainerElement.toggle();\n    };\n\n    const bindExpandLeafAction = function bindExpandLeafAction(parentCode, expandButton, content, icon, level) {\n      const leafContainerElement = createLeafContainerElement();\n      if (defaultLevel \u003e level) {\n        loadLeafAction(parentCode, expandButton, content, icon, leafContainerElement);\n      }\n\n      expandButton.click(() =\u003e {\n        loadLeafAction(parentCode, expandButton, content, icon, leafContainerElement);\n      });\n    };\n\n    const bindCheckboxAction = function bindCheckboxAction(checkboxElement) {\n      checkboxElement.checkbox({\n        onChecked() {\n          const { value } = checkboxElement[0].dataset;\n          const checkedValues = $input.val().split(\u0027,\u0027).filter(Boolean);\n          checkedValues.push(value);\n          $input.val(checkedValues.join());\n        },\n        onUnchecked() {\n          const { value } = checkboxElement[0].dataset;\n          const checkedValues = $input.val().split(\u0027,\u0027).filter(Boolean);\n          const i = checkedValues.indexOf(value);\n          if (i !== -1) {\n            checkedValues.splice(i, 1);\n          }\n          $input.val(checkedValues.join());\n        },\n      });\n    };\n\n    const createLeaf = function createLeaf(name, code, hasChildren, multipleChoice, level) {\n      const displayNameElement = createLeafTitleSpan(name);\n      const titleElement = createLeafTitleElement();\n      const iconElement = createLeafIconElement();\n      const checkboxElement = createCheckboxElement(name, code, multipleChoice);\n\n      bindCheckboxAction(checkboxElement);\n\n      const leafElement = $(\u0027\u003cdiv class=\"item\"\u003e\u003c/div\u003e\u0027);\n      const leafContentElement = createLeafContentElement();\n\n      leafElement.append(iconElement);\n      titleElement.append(displayNameElement);\n      titleElement.append(checkboxElement);\n      leafContentElement.append(titleElement);\n\n      if (!hasChildren) {\n        iconElement.addClass(\u0027outline\u0027);\n      }\n      if (hasChildren) {\n        bindExpandLeafAction(code, displayNameElement, leafContentElement, iconElement, level);\n      }\n      leafElement.append(leafContentElement);\n\n      return leafElement;\n    };\n    createLeafFunc = createLeaf;\n\n    tree.api({\n      on: \u0027now\u0027,\n      method: \u0027GET\u0027,\n      url: tree.data(\u0027tree-root-nodes-url\u0027) || tree.data(\u0027taxon-root-nodes-url\u0027),\n      cache: false,\n      beforeSend(settings) {\n        loader.addClass(\u0027active\u0027);\n\n        return settings;\n      },\n      onSuccess(response) {\n        const rootContainer = createRootContainer();\n        response.forEach((rootNode) =\u003e {\n          rootContainer.append((\n            createLeaf(sanitizeInput(rootNode.name), rootNode.code, rootNode.hasChildren, multiple, rootNode.level)\n          ));\n        });\n        tree.append(rootContainer);\n        loader.removeClass(\u0027active\u0027);\n      },\n    });\n  },\n});\n```\n\n2. Create new file `assets/admin/sylius-auto-complete.js`:\n\n```js\n// assets/admin/sylius-auto-complete.js\n\nfunction sanitizeInput(input) {\n  const div = document.createElement(\u0027div\u0027);\n  div.textContent = input;\n  return div.innerHTML; // Converts text content to plain HTML, stripping any scripts\n}\n\n$.fn.extend({\n  autoComplete() {\n    this.each((idx, el) =\u003e {\n      const element = $(el);\n      const criteriaName = element.data(\u0027criteria-name\u0027);\n      const choiceName = element.data(\u0027choice-name\u0027);\n      const choiceValue = element.data(\u0027choice-value\u0027);\n      const autocompleteValue = element.find(\u0027input.autocomplete\u0027).val();\n      const loadForEditUrl = element.data(\u0027load-edit-url\u0027);\n\n      element.dropdown({\n        delay: {\n          search: 250,\n        },\n        forceSelection: false,\n        saveRemoteData: false,\n        verbose: true,\n        apiSettings: {\n          dataType: \u0027JSON\u0027,\n          cache: false,\n          beforeSend(settings) {\n            /* eslint-disable-next-line no-param-reassign */\n            settings.data[criteriaName] = settings.urlData.query;\n\n            return settings;\n          },\n          onResponse(response) {\n            let results = response.map(item =\u003e ({\n              name: sanitizeInput(item[choiceName]),\n              value: sanitizeInput(item[choiceValue]),\n            }));\n\n            if (!element.hasClass(\u0027multiple\u0027)) {\n              results.unshift({\n                name: \u0027\u0026nbsp;\u0027,\n                value: \u0027\u0027,\n              });\n            }\n\n            return {\n              success: true,\n              results: results,\n            };\n          },\n        },\n      });\n\n      if (autocompleteValue.split(\u0027,\u0027).filter(String).length \u003e 0) {\n        const menuElement = element.find(\u0027div.menu\u0027);\n\n        menuElement.api({\n          on: \u0027now\u0027,\n          method: \u0027GET\u0027,\n          url: loadForEditUrl,\n          beforeSend(settings) {\n            /* eslint-disable-next-line no-param-reassign */\n            settings.data[choiceValue] = autocompleteValue.split(\u0027,\u0027).filter(String);\n\n            return settings;\n          },\n          onSuccess(response) {\n            response.forEach((item) =\u003e {\n              menuElement.append((\n                $(`\u003cdiv class=\"item\" data-value=\"${item[choiceValue]}\"\u003e${item[choiceName]}\u003c/div\u003e`)\n              ));\n            });\n\n            element.dropdown(\u0027refresh\u0027);\n            element.dropdown(\u0027set selected\u0027, element.find(\u0027input.autocomplete\u0027).val().split(\u0027,\u0027).filter(String));\n          },\n        });\n      }\n    });\n  },\n});\n```\n\n3. Create new file `assets/admin/sylius-product-auto-complete.js`:\n\n```js\n// assets/admin/sylius-product-auto-complete.js\n\nfunction sanitizeInput(input) {\n  const div = document.createElement(\u0027div\u0027);\n  div.textContent = input;\n  return div.innerHTML; // Converts text content to plain HTML, stripping any scripts\n}\n\n$.fn.extend({\n  productAutoComplete() {\n    this.each((index, element) =\u003e {\n      const $element = $(element);\n      $element.dropdown(\u0027set selected\u0027, $element.find(\u0027input[name*=\"[associations]\"]\u0027).val().split(\u0027,\u0027).filter(String));\n    });\n\n    this.dropdown({\n      delay: {\n        search: 250,\n      },\n      forceSelection: false,\n      apiSettings: {\n        dataType: \u0027JSON\u0027,\n        cache: false,\n        data: {\n          criteria: { search: { type: \u0027contains\u0027, value: \u0027\u0027 } },\n        },\n        beforeSend(settings) {\n          /* eslint-disable-next-line no-param-reassign */\n          settings.data.criteria.search.value = settings.urlData.query;\n\n          return settings;\n        },\n        onResponse(response) {\n          return {\n            success: true,\n            results: response._embedded.items.map(item =\u003e ({\n              name: sanitizeInput(item.name),\n              value: sanitizeInput(item.code),\n            })),\n          };\n        },\n      },\n      onAdd(addedValue, addedText, $addedChoice) {\n        const inputAssociation = $addedChoice.parents(\u0027.product-select\u0027).find(\u0027input[name*=\"[associations]\"]\u0027);\n        const associatedProductCodes = inputAssociation.val().length \u003e 0 ? inputAssociation.val().split(\u0027,\u0027).filter(String) : [];\n\n        associatedProductCodes.push(addedValue);\n        $.unique(associatedProductCodes.sort());\n\n        inputAssociation.attr(\u0027value\u0027, associatedProductCodes.join());\n      },\n      onRemove(removedValue, removedText, $removedChoice) {\n        const inputAssociation = $removedChoice.parents(\u0027.product-select\u0027).find(\u0027input[name*=\"[associations]\"]\u0027);\n        const associatedProductCodes = inputAssociation.val().length \u003e 0 ? inputAssociation.val().split(\u0027,\u0027).filter(String) : [];\n\n        associatedProductCodes.splice($.inArray(removedValue, associatedProductCodes), 1);\n\n        inputAssociation.attr(\u0027value\u0027, associatedProductCodes.join());\n      },\n    });\n  },\n});\n```\n\n4. Add new import in `assets/admin/entry.js`:\n\n```js\n// assets/admin/entry.js\n// ...\nimport \u0027./sylius-lazy-choice-tree\u0027;\nimport \u0027./sylius-auto-complete\u0027;\nimport \u0027./sylius-product-auto-complete\u0027;\n```\n\n5. Rebuild your assets:\n\n```bash\nyarn build\n``` \n\n### Acknowledgements\n\nThis security issue has been reported by [Checkmarx Research Group](https://checkmarx.com), thank you!\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Sylius issues](https://github.com/Sylius/Sylius/issues)\n* Email us at security@sylius.com\n",
  "id": "GHSA-v2f9-rv6w-vw8r",
  "modified": "2024-07-08T12:45:11Z",
  "published": "2024-05-10T15:33:01Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Sylius/Sylius"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Sylius potentially vulnerable to Cross Site Scripting via \"Name\" field (Taxons, Products, Options, Variants) in Admin Panel"
}

FKIE_CVE-2024-34349

Vulnerability from fkie_nvd - Published: 2024-05-14 15:38 - Updated: 2024-11-21 09:18

Severity ?

4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12
	security-advisories@github.com	https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Sylius is an open source eCommerce platform. Prior to 1.12.16 and 1.13.1, there is a possibility to execute javascript code in the Admin panel. In order to perform an XSS attack input a script into Name field in which of the resources: Taxons, Products, Product Options or Product Variants. The code will be executed while using an autocomplete field with one of the listed entities in the Admin Panel. Also for the taxons in the category tree on the product form.The issue is fixed in versions: 1.12.16, 1.13.1."
    },
    {
      "lang": "es",
      "value": "Sylius es una plataforma de comercio electr\u00f3nico de c\u00f3digo abierto. Antes de 1.12.16 y 1.13.1, existe la posibilidad de ejecutar c\u00f3digo javascript en el panel de administraci\u00f3n. Para realizar un ataque XSS, ingrese un script en el campo Nombre en cu\u00e1l de los recursos: Taxones, Productos, Opciones de producto o Variantes de producto. El c\u00f3digo se ejecutar\u00e1 mientras se utiliza un campo de autocompletar con una de las entidades enumeradas en el Panel de administraci\u00f3n. Tambi\u00e9n para los taxones en el \u00e1rbol de categor\u00edas en el formulario del producto. El problema se solucion\u00f3 en las versiones: 1.12.16, 1.13.1."
    }
  ],
  "id": "CVE-2024-34349",
  "lastModified": "2024-11-21T09:18:28.893",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.7,
        "impactScore": 2.7,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-14T15:38:41.397",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-34349 (GCVE-0-2024-34349)

GHSA-V2F9-RV6W-VW8R

Impact

Patches

Workarounds

Acknowledgements

For more information

FKIE_CVE-2024-34349

Tags

Sightings

Nomenclature