Miggo Logo

CVE-2020-36395: Stored XSS in LavaLite 5.8.0

5.4

CVSS Score
3.1

Basic Information

EPSS Score
0.42411%
Published
5/24/2022
Updated
7/6/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
lavalite/cmscomposer< 5.8.05.8.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability involves two key phases: 1) Unsanitized input handling in the storage process, and 2) Unencoded output in rendering. Based on Laravel MVC patterns and the described /admin/user/team endpoint:

  1. TeamController@store would handle form submissions containing the 'New' parameter
  2. TeamController@show would display stored team data While specific code isn't available, the GitHub issue confirms insufficient input filtering and output encoding. These controller methods are the most likely candidates for user input handling and rendering based on standard Laravel CMS architecture.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* stor** *ross sit* s*riptin* (XSS) vuln*r**ility in t** /**min/us*r/t**m *ompon*nt o* L*v*Lit* *.*.* *llows *ut**nti**t** *tt**k*rs to *x**ut* *r*itr*ry w** s*ripts or *TML vi* * *r**t** p*ylo** *nt*r** into t** "N*w" p*r*m*t*r.

Reasoning

T** vuln*r**ility involv*s two k*y p**s*s: *) Uns*nitiz** input **n*lin* in t** stor*** pro**ss, *n* *) Un*n*o*** output in r*n**rin*. **s** on L*r*v*l MV* p*tt*rns *n* t** **s*ri*** /**min/us*r/t**m *n*point: *. T**m*ontroll*r@stor* woul* **n*l* *or