ghsa-fh7r-996q-gvcp
Vulnerability from github
Published
2023-04-25 19:47
Modified
2023-04-25 19:47
Severity ?
Summary
Possible XSS injection through Validate::isCleanHTML method
Details
Impact
ValidateCore::isCleanHTML() method of Prestashop misses hijickable events which can lead to XSS injection, allowed by the presence of pre-setup @keyframes methods.
This XSS which hijacks HTML attributes will be triggered without any interaction of the visitor/administrator which makes it as dangerous as a trivial XSS.
Contrary to most XSS which target HTML attributes and which are triggered without user interaction (such as onload / onerror which suffer from a very limited scope), this one can hijack every HTML element, which increases the danger due to a complete HTML elements scope.
Patches
The patch will be on PS 8.0.4 and PS 1.7.8.9
References
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "prestashop/prestashop"
},
"ranges": [
{
"events": [
{
"introduced": "8.0.0"
},
{
"fixed": "8.0.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "prestashop/prestashop"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.8.9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-30838"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2023-04-25T19:47:05Z",
"nvd_published_at": "2023-04-25T19:15:11Z",
"severity": "HIGH"
},
"details": "### Impact\nValidateCore::isCleanHTML() method of Prestashop misses hijickable events which can lead to XSS injection, allowed by the presence of pre-setup @keyframes methods.\n\nThis XSS which hijacks HTML attributes will be triggered without any interaction of the visitor/administrator which makes it as dangerous as a trivial XSS.\n\nContrary to most XSS which target HTML attributes and which are triggered without user interaction (such as onload / onerror which suffer from a very limited scope), this one can hijack every HTML element, which increases the danger due to a complete HTML elements scope.\n\n### Patches\nThe patch will be on PS 8.0.4 and PS 1.7.8.9\n\n### References\n",
"id": "GHSA-fh7r-996q-gvcp",
"modified": "2023-04-25T19:47:05Z",
"published": "2023-04-25T19:47:05Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-fh7r-996q-gvcp"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30838"
},
{
"type": "WEB",
"url": "https://github.com/PrestaShop/PrestaShop/commit/46408ae4b02f3b8b1bb6e9dc63af5bcd858abd9c"
},
{
"type": "WEB",
"url": "https://github.com/PrestaShop/PrestaShop/commit/dc682192df0e4b0d656a8e645b29ca1b9dbe3693"
},
{
"type": "PACKAGE",
"url": "https://github.com/PrestaShop/PrestaShop"
},
{
"type": "WEB",
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.9"
},
{
"type": "WEB",
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.0.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Possible XSS injection through Validate::isCleanHTML method"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.