
CVE-2017-1000482: Products.CMFPlone XSS in profile home_page property

CVSS Score (v3.0): 5.4

Basic Information

EPSS Score: 0.51866%
Published: 5/14/2022
Updated: 10/18/2024
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Package Name        Ecosystem   Vulnerable Versions    First Patched Version
Products.CMFPlone   pip         < 4.3.17               4.3.17
Products.CMFPlone   pip         >= 5.0.0, < 5.0.10     5.0.10
Products.CMFPlone   pip         >= 5.1a1, < 5.1.0      5.1.0
Plone               pip         >= 2.5a1, < 4.3.16     4.3.16
Plone               pip         >= 5.0a1, < 5.1.0      5.1.0

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from insufficient URL validation in the isURLInPortal method: the home_page value a member stores in their profile reaches the author page as a link, and nothing rejected a javascript: URL before it was emitted as a clickable href. Commit 05a943ecbcdda56bacc93b55c9e2e908d8a7dfab changes this function in three ways: an ALLOWED_SCHEMAS list restricts the URL scheme to known-safe protocols, a BAD_URL_PARTS list rejects URLs containing known XSS patterns, and the URL is HTML-unescaped before the checks run so that a payload hidden behind character references (an entity-encoded javascript: scheme) cannot bypass them. Together these changes close the XSS vector described in CVE-2017-1000482, which confirms this function's role in the vulnerability.

Vulnerable functions

Only Miggo users can see this section.

WAF Protection Rules

WAF Rule

A member of the Plone site could set javascript in the `home_page` property of their profile, and have this executed when a visitor clicks the home page link on the author page.
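The following Python example is added here to illustrate both the vulnerable flow just described (a stored `home_page` value rendered as the author-page link) and the shape of the fix given in the root cause analysis above (unescape, reject bad URL parts, restrict the scheme). It is not Products.CMFPlone's own code: the names `is_url_in_portal` and `render_author_link`, the portal host `plone.example`, the allow/deny lists and the sample `home_page` values are all assumptions made for the illustration. It also shows why attribute escaping alone is not a fix: `javascript:alert(document.cookie)` contains nothing that `html.escape` would touch.

```python
"""Stored XSS through a profile URL field, and the validation that closes it.

Added illustration for this advisory, not Products.CMFPlone's own code: the
function names, PORTAL_URL, the allow/deny lists and the sample home_page
values below are assumptions made for the example.
"""
import html
from urllib.parse import unquote, urlsplit

PORTAL_URL = "https://plone.example"            # assumed portal root
ALLOWED_SCHEMES = {"http", "https"}             # javascript:, data:, vbscript: are out
BAD_URL_PARTS = ("javascript:", "data:", "vbscript:", "<script")


def _normalise(url: str) -> str:
    """Undo the encodings an attacker can hide a scheme behind.

    HTML character references (&#106;avascript:) and percent-encoding
    (%6Aavascript:, %256A... for double encoding) are decoded until the
    value stops changing; then whitespace and control characters, which
    browsers ignore inside a scheme ("java\\tscript:"), are dropped and the
    result lower-cased so the checks are case-insensitive.
    """
    prev = None
    while prev != url:
        prev = url
        url = unquote(html.unescape(url))
    return "".join(c for c in url if c.isprintable() and not c.isspace()).lower()


def is_url_in_portal(url: str) -> bool:
    """True only for URLs safe to emit as an href that stay inside the portal.

    Same shape as the fix the advisory describes: normalise first, reject
    known-bad fragments, then allow only http(s) on the portal's own host or
    a portal-relative path (not a protocol-relative //host path).
    """
    norm = _normalise(url)
    if not norm or any(bad in norm for bad in BAD_URL_PARTS):
        return False
    parts = urlsplit(norm)
    if parts.scheme:
        if parts.scheme not in ALLOWED_SCHEMES:
            return False
        # netloc keeps userinfo, so https://plone.example@evil.example/ fails here
        return parts.netloc == urlsplit(PORTAL_URL).netloc
    return norm.startswith("/") and not norm.startswith("//")


def render_author_link_vulnerable(home_page: str) -> str:
    """Pre-fix shape: attribute escaping alone does not neutralise javascript:."""
    return f'<a href="{html.escape(home_page, quote=True)}">Home page</a>'


def render_author_link(home_page: str) -> str:
    """Hardened: suppress the link unless the stored value passes the check."""
    if not is_url_in_portal(home_page):
        return ""
    return f'<a href="{html.escape(home_page, quote=True)}">Home page</a>'


# Constructed sample values a member might store in home_page.
SAMPLES = {
    "internal": "https://plone.example/author/bob",
    "relative": "/Members/bob",
    "javascript": "javascript:alert(document.cookie)",
    "entity_encoded": "&#106;avascript:alert(document.cookie)",
    "percent_encoded": "%6Aavascript:alert(1)",
    "double_encoded": "%256Aavascript:alert(1)",
    "whitespace": "java\tscript:alert(1)",
    "external_host": "https://evil.example/",
    "userinfo_trick": "https://plone.example@evil.example/",
    "protocol_relative": "//evil.example/",
}


def classify(samples=SAMPLES) -> dict:
    """Map each sample name to whether the hardened check accepts it."""
    return {name: is_url_in_portal(url) for name, url in samples.items()}


if __name__ == "__main__":
    for name, url in SAMPLES.items():
        print(f"{name:18} {is_url_in_portal(url)!s:6} "
              f"{render_author_link(url) or '(link suppressed)'}")
```

Only the two portal-internal samples produce a link; every encoded, whitespace-padded, external-host or userinfo variant is suppressed. The decode loop matters: a single `unquote` would let a double-encoded `%256A` through, which is the same class of bypass the advisory's HTML-unescaping step is there to prevent.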
