Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

CVE-2022-37429 Stored XSS using HTMLEditor

Severity:
Medium (?)
Identifier:
CVE-2022-37429
Versions Affected:
silverstripe/framework: ^4.0.0, ^3.0.0
Versions Fixed:
silverstripe/framework: 4.11.13
Release Date:
2022-11-21

A malicious content author could add a JavaScript payload to the href attribute of a link by splitting a javascript URL with white space characters.

An attacker must have access to the CMS to exploit this issue.

Most projects should be able to apply the patch without further work. There's no legitimate use case for this behaviour.

Regression testing should focus on link creations within HTML editor fields.

Base CVSS: 4.6

Reported by: TF1T via huntr.dev