CVE-2022-28803
published 2022-06-29CVE-2022-28803: In SilverStripe Framework through 2022-04-07, Stored XSS can occur in javascript link tags added via XMLHttpRequest (XHR).
PriorityP424medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
EPSS
0.51%
39.8th percentile
In SilverStripe Framework through 2022-04-07, Stored XSS can occur in javascript link tags added via XMLHttpRequest (XHR).
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| silverstripe | framework | >= 4.0.0 < 4.11.13 | 4.11.13 |
| silverstripe | framework | >= 4.0.0 < 4.10.9 | 4.10.9 |
| silverstripe | silverstripe | < 4.10.9 | 4.10.9 |
CVSS provenance
nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
nvdv2.03.5LOWAV:N/AC:M/Au:S/C:N/I:P/A:N
ghsa5.4MEDIUM
osv5.4MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Stored XSS using uppercase characters in HTMLEditor
ghsa·2022-11-21·CVSS 5.4
CVE-2022-37430 [MEDIUM] CWE-79 Stored XSS using uppercase characters in HTMLEditor
Stored XSS using uppercase characters in HTMLEditor
A malicious content author could add a Javascript payload to the href attribute of a link. A similar issue was identified and fixed via CVE-2022-28803. However, the fix didn't account for the casing of the href attribute. An attacker must have access to the CMS to exploit this issue.
OSV
Stored XSS using uppercase characters in HTMLEditor
osv·2022-11-21·CVSS 5.4
CVE-2022-37430 [MEDIUM] Stored XSS using uppercase characters in HTMLEditor
Stored XSS using uppercase characters in HTMLEditor
A malicious content author could add a Javascript payload to the href attribute of a link. A similar issue was identified and fixed via CVE-2022-28803. However, the fix didn't account for the casing of the href attribute. An attacker must have access to the CMS to exploit this issue.
OSV
Stored XSS in link tags added via XHR in SilverStripe Framework
osv·2022-06-29
CVE-2022-28803 [MEDIUM] Stored XSS in link tags added via XHR in SilverStripe Framework
Stored XSS in link tags added via XHR in SilverStripe Framework
SilverStripe Framework 4.x prior to 4.10.9 is vulnerable to cross-site scripting inside the href attribute of an HTML hyperlink, which can be added to website content via XMLHttpRequest (XHR) by an authenticated CMS user.
GHSA
Stored XSS in link tags added via XHR in SilverStripe Framework
ghsa·2022-06-29
CVE-2022-28803 [MEDIUM] CWE-79 Stored XSS in link tags added via XHR in SilverStripe Framework
Stored XSS in link tags added via XHR in SilverStripe Framework
SilverStripe Framework 4.x prior to 4.10.9 is vulnerable to cross-site scripting inside the href attribute of an HTML hyperlink, which can be added to website content via XMLHttpRequest (XHR) by an authenticated CMS user.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-06-29
Published