CVSS Score: -

Basic Information

- CVE ID: -
- GHSA ID: -
- EPSS Score: -
- CWE: -
- Published: -
- Updated: -
- KEV Status: -

Technology
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| wikimedia/parsoid | composer | >= 0.12, < 0.12.2 | 0.12.2 |
| wikimedia/parsoid | composer | < 0.11.1 | 0.11.1 |
The vulnerability stems from how Parsoid's `WTUtils.php` handled HTML comments containing JSON data. The functions `reinsertFosterableContent` and `decodeComment` did not distinguish legitimate internal comments from user-controlled comments carrying specially crafted JSON with `'@type'` keys, so an attacker could inject `<meta>` tags after sanitization had already run. The Phabricator ticket T279451 explicitly discusses these functions' roles in comment processing and the security patch's focus on tightening key validation (changing `'@type'` to a protected `'-type'` key). Confidence in this analysis is high because the vulnerability discussion and patch details refer to these functions directly.