github - ghsa-2g8p-j2r6-vqpj

GHSA-2G8P-J2R6-VQPJ

Vulnerability from github – Published: 2023-09-28 15:30 – Updated: 2023-10-05 17:32

Summary

Withdrawn Advisory: October Cross-site Scripting vulnerability

Details

Withdrawn Advisory

This advisory has been withdrawn because the vulnerability affects October CMS's installer, not October CMS. The installer deletes all folders and files upon completion of installation. The vulnerability is valid, but because October's installer is not part of one of the GitHub Advisory Database's supported ecosystems, alerts cannot be sent out for the correct package.

Corrected Description

A Cross-Site Scripting (XSS) vulnerability in the installer of October CMS allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field.

Severity ?

5.4 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "october/cms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "3.4.16"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-43876"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-09-29T20:39:02Z",
    "nvd_published_at": "2023-09-28T15:15:12Z",
    "severity": "MODERATE"
  },
  "details": "## Withdrawn Advisory\nThis advisory has been withdrawn because the vulnerability affects October CMS\u0027s installer, not October CMS. The installer deletes all folders and files upon completion of installation. The vulnerability is valid, but because October\u0027s installer is not part of one of the GitHub Advisory Database\u0027s [supported ecosystems](https://github.com/github/advisory-database/blob/main/README.md#supported-ecosystems), alerts cannot be sent out for the correct package.\n\n## Corrected Description\nA Cross-Site Scripting (XSS) vulnerability in the installer of October CMS allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field.",
  "id": "GHSA-2g8p-j2r6-vqpj",
  "modified": "2023-10-05T17:32:33Z",
  "published": "2023-09-28T15:30:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43876"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sromanhu/CVE-2023-43876-October-CMS-Reflected-XSS---Installation/issues/1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/octobercms/install/commit/ef1225b5596b7c2eb5ca3aa700a23e9f8acf387b"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/octobercms/install"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sromanhu/October-CMS-Reflected-XSS---Installation/blob/main/README.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Withdrawn Advisory: October Cross-site Scripting vulnerability",
  "withdrawn": "2023-10-05T17:32:33Z"
}

CVE-2023-43876 (GCVE-0-2023-43876)

Vulnerability from cvelistv5 – Published: 2023-09-28 00:00 – Updated: 2024-09-23 19:17

Summary

A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

https://github.com/sromanhu/October-CMS-Reflected…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:52:11.462Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/sromanhu/October-CMS-Reflected-XSS---Installation/blob/main/README.md"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-43876",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-23T19:17:03.071641Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-23T19:17:11.047Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-28T14:00:56.546466",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/sromanhu/October-CMS-Reflected-XSS---Installation/blob/main/README.md"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-43876",
    "datePublished": "2023-09-28T00:00:00",
    "dateReserved": "2023-09-25T00:00:00",
    "dateUpdated": "2024-09-23T19:17:11.047Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted