
CVE-2018-25058: Twitter-Post-Fetcher vulnerable to Use of Web Link to Untrusted Target with window.opener Access

CVSS Score: 6.1 (CVSS 3.1)

Basic Information

EPSS Score: 0.15427%
Published: 12/29/2022
Updated: 2/2/2023
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package Name: twitter-fetcher-js
Ecosystem: npm
Vulnerable Versions: < 18.0.0
First Patched Version: 18.0.0

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stems from missing rel="noopener" attributes when setting target="_blank". The commit patching this vulnerability specifically modifies two areas: 1) The targetLinksToNewWindow function that processes all links, and 2) The HTML template literals generating interaction buttons. Both locations initially created links with target="_blank" without security attributes, making them vulnerable to window.opener exploitation. The named function targetLinksToNewWindow is explicitly vulnerable, while the interaction link generation (though part of inline template construction) represents a distinct vulnerable code path that was also patched.
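The same class of defect can be audited for and fixed in any generated markup. The following is an added example, not code from twitter-fetcher-js or its patch: it scans an HTML string for anchors that set target="_blank" without rel="noopener" (or "noreferrer"), and rewrites them. The function names, the regex-based scan and the sample markup are assumptions made for illustration.

```javascript
// Added example, not twitter-fetcher-js code. Assumes library-generated markup
// where attribute values contain no ">" character (regex scan, not a full parser).
const ANCHOR_TAG = /<a\b[^>]*>/gi;
const ATTR_VALUE = '(?:"([^"]*)"|\'([^\']*)\'|([^\\s>]+))';

// Return the value of attribute `name` in an opening tag, or null if absent.
function getAttr(tag, name) {
  const m = new RegExp('\\s' + name + '\\s*=\\s*' + ATTR_VALUE, 'i').exec(tag);
  return m ? (m[1] ?? m[2] ?? m[3]) : null;
}

// True when the tag opens a new browsing context without severing window.opener.
function isUnsafeBlankLink(tag) {
  const target = getAttr(tag, 'target');
  if (target === null || target.toLowerCase() !== '_blank') return false;
  const rel = (getAttr(tag, 'rel') || '').toLowerCase().split(/\s+/);
  // noreferrer implies noopener, so either token is sufficient.
  return !rel.includes('noopener') && !rel.includes('noreferrer');
}

// Audit: list every offending <a ...> opening tag in an HTML string.
function findUnsafeBlankLinks(html) {
  return (html.match(ANCHOR_TAG) || []).filter(isUnsafeBlankLink);
}

// Fix: add rel="noopener", preserving any rel tokens already present.
function hardenBlankLinks(html) {
  return html.replace(ANCHOR_TAG, (tag) => {
    if (!isUnsafeBlankLink(tag)) return tag;
    const rel = getAttr(tag, 'rel');
    if (rel === null) return tag.replace(/>$/, ' rel="noopener">');
    const tokens = rel.split(/\s+/).filter(Boolean).concat('noopener').join(' ');
    return tag.replace(new RegExp('(\\srel\\s*=\\s*)' + ATTR_VALUE, 'i'),
      (_, prefix) => prefix + '"' + tokens.replace(/"/g, '&quot;') + '"');
  });
}

// Constructed sample markup (example.com URLs are placeholders).
const SAMPLE_HTML = [
  '<a href="https://example.com/status/1" target="_blank">Reply</a>',
  '<a href="https://example.com/u" target="_blank" rel="nofollow">User</a>',
  '<a href="https://example.com/ok" target="_blank" rel="noopener">Safe</a>',
  '<a href="/local">Same tab</a>',
].join('\n');

console.log(findUnsafeBlankLinks(SAMPLE_HTML));
console.log(hardenBlankLinks(SAMPLE_HTML));
```

Running the audit over a build's rendered output, or in a unit test for each template that emits links, catches both code paths the analysis names: links rewritten after the fact and links built inline in templates.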
