XSS vulnerability CVE-2023-41592 still in version 4.2.2 #4825

Open
jurajvalkucak opened this issue Oct 8, 2024 · 0 comments

CVE-2023-41592
froala-editor : 4.2.2
Issue: CVE-2023-41592, CVE-2023-42426
Severity: CVE CVSS 3: 5.4; Sonatype CVSS 3: 6.1
Weakness: CVE CWE: 79
Source: National Vulnerability Database
Categories: Data
Description from CVE: Froala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability.

Explanation
The froala-editor package is vulnerable to Cross-Site Scripting (XSS). When using the 'Insert Image' component to add hyperlinks to an existing image in a FroalaEditor instance, the editor does not properly sanitize the href attribute (link value) provided for the tag. An attacker can exploit this vulnerability by providing a crafted hyperlink code which, if saved on the backend of a website using Froala Editor, can result in stored XSS attacks when rendered in a visitor's web browser.

Note: While researching CVE-2023-41592, the Sonatype Security research team also accounted for the issue which was later assigned CVE-2023-42426. Given the identical nature of the vulnerability and the attack vector, we are treating these CVEs as identical. As such, information for both CVE-2023-41592 and CVE-2023-42426 is captured here.

Given the following Advisory Deviation Notice, we consider CVE-2023-41592 to also cover CVE-2023-43263.

Advisory Deviation Notice: The Sonatype Security Research team tested the provided PoC exploits (see "Additional Resources") against Froala Editor versions <4.0.1 and >=4.1.2 (4.2.1 being the latest version at the time of our Deep Dive research) and observed the vulnerability could be reproduced in these versions. As such, versions prior to 4.x are also vulnerable, contrary to what is stated in this advisory. Additionally, a fixed version is not available at the time of our research.

Detection
The application is vulnerable by using this component.

Recommendation
There is no non-vulnerable upgrade path for this component/package. We recommend investigating alternative components or a potential mitigating control.

Version Affected: [1.2.0,4.3.0]
Root Cause:
  froala-editor-4.2.2.tgz : package/js/froala_editor.min.js ( , )
  froala-editor-4.2.2.tgz : package/js/froala_editor.pkgd.min.js ( , )
  froala-editor-4.2.2.tgz : package/index.d.ts [4.1.0, )
Advisories:
  Attack: https://github.com//issues/4678
  Evidence: https://www.youtube.com/watch?v=Me33Dx1_XqQ
  Third Party: https://hacker.soarescorp.com/cve/2023-41592/
CVSS Details:
  CVE CVSS 3: 5.4
  CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
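As an added example (not from this issue or the Froala project), a scheme-allowlist check that a site can apply to link values taken from stored editor output, one form of the mitigating control the recommendation above refers to. The function names and the allowed-scheme list are assumptions; it must be applied to the decoded href attribute value (after HTML parsing), not to raw markup.

```javascript
// Added example, not Froala's own code: an allowlist check for link values
// that a site can run on editor output before storing or rendering it.
// Apply it to the decoded value of each href attribute (i.e. after HTML
// parsing), never to the raw markup string, so entity-encoded values are
// already resolved by the time the scheme is inspected.

// Assumed policy: only these schemes may appear in a stored link.
const ALLOWED_SCHEMES = new Set(["http:", "https:", "mailto:", "tel:"]);

// Matches an explicit URL scheme at the start of the value (RFC 3986 syntax).
const SCHEME_RE = /^([a-z][a-z0-9+.-]*):/i;

// Browsers drop tab, LF and CR anywhere in a URL and strip leading/trailing
// C0 control characters and spaces before parsing, so a scheme split by a
// newline or padded with spaces still executes. Normalise the same way
// before looking at the scheme, otherwise a prefix check is bypassable.
function normalizeHref(raw) {
  return String(raw)
    .replace(/[\t\n\r]/g, "")
    .replace(/^[\u0000-\u0020]+|[\u0000-\u0020]+$/g, "");
}

// Returns the normalised href if it is safe to keep, otherwise null
// (the caller should drop the link or replace the href with "#").
function sanitizeHref(raw) {
  const href = normalizeHref(raw);
  if (href === "") return null;
  const m = SCHEME_RE.exec(href);
  if (m === null) {
    // No explicit scheme: a relative or protocol-relative URL, which the
    // browser resolves to http(s) against the page, so it is allowed.
    return href;
  }
  // Scheme comparison is case-insensitive, as in browsers.
  return ALLOWED_SCHEMES.has(m[1].toLowerCase() + ":") ? href : null;
}

// Convenience wrapper for a list of href values pulled from stored content:
// returns only the values that pass, in their normalised form.
function filterHrefs(hrefs) {
  return hrefs.map(sanitizeHref).filter((h) => h !== null);
}

module.exports = { normalizeHref, sanitizeHref, filterHrefs };
```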
