
CVE-2008-3218: Drupal vulnerable to Cross-site Scripting

CVSS Score: 4.3

Basic Information

EPSS Score: 0.65804%
Published: 5/1/2022
Updated: 2/9/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| drupal/drupal | composer | >= 6.0, < 6.3 | 6.3 |

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability description explicitly identifies two vectors: 1) free tagging taxonomy terms in node previews and 2) OpenID values. In Drupal 6.x architecture:

  1. Taxonomy term handling occurs in taxonomy.module, with preview rendering in node.pages.inc. The lack of output escaping in preview rendering for user-controlled taxonomy terms would directly enable XSS.

  2. OpenID processing is managed in openid.inc. While the exact vulnerable function isn't specified, authentication handlers like openid_authentication are prime candidates for unescaped output of external OpenID data.

Confidence is high for the taxonomy-related functions, based on the clear vector description and Drupal's preview rendering flow. Confidence is medium for OpenID because the documentation is less specific, although it aligns with the described attack surface.
