
CVE-2021-41236:
XSS vulnerability on email template preview page

CVSS Score: 6.9 (CVSS v3.1)

Basic Information

EPSS Score: 0.6494%
Published: 1/6/2022
Updated: 2/3/2023
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N

Package Name | Ecosystem | Vulnerable Versions  | First Patched Version
oro/platform | composer  | >= 3.1.0, < 3.1.21   | 3.1.21
oro/platform | composer  | >= 4.1.0, < 4.1.14   | 4.1.14
oro/platform | composer  | >= 4.2.0, < 4.2.8    | 4.2.8

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from the compilePreview method rendering user-controlled email template content without proper sanitization. The commit diff shows the fix introduced HTML sanitization via HtmlTagHelper::sanitize() in this method. The original implementation passed $template->getContent() directly to Twig's createTemplate; wrapping the content in {% verbatim %} only stops Twig from interpreting it as template syntax and does not escape or strip HTML, so any script tags already present in the content were rendered unchanged. The addition of sanitization in the patched version confirms the vulnerability existed in this function.
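The vulnerable and patched rendering patterns side by side, as an added example that is not OroPlatform's code: it assumes twig/twig is installed via Composer, and uses a hypothetical strip_tags-based sanitizer as a stand-in for HtmlTagHelper::sanitize(), together with a regression check a defender can keep in a test suite.

```php
<?php
// Added example, not OroPlatform code. Assumes twig/twig installed via Composer.
require __DIR__ . '/vendor/autoload.php';

use Twig\Environment;
use Twig\Loader\ArrayLoader;

// Hypothetical stand-in for HtmlTagHelper::sanitize(): keep a small allow-list
// of formatting tags, drop everything else (script, iframe, ...), and strip
// inline event-handler attributes that strip_tags() would otherwise leave on
// allowed tags. This is a simplification, not Oro's implementation.
function sanitizeTemplateContent(string $content): string
{
    $allowedTags = '<p><br><b><i><strong><em><ul><ol><li>';
    $clean = strip_tags($content, $allowedTags);
    return preg_replace('/\s+on\w+\s*=\s*("[^"]*"|\'[^\']*\'|\S+)/i', '', $clean);
}

// Vulnerable pattern: raw template content goes straight into createTemplate().
// {% verbatim %} only tells Twig not to parse the body as Twig syntax; it does
// nothing to the HTML inside, so a <script> tag is emitted unchanged.
function compilePreviewVulnerable(Environment $twig, string $content): string
{
    $source = '{% verbatim %}' . $content . '{% endverbatim %}';
    return $twig->createTemplate($source)->render([]);
}

// Patched pattern: sanitize the stored content before it reaches Twig.
function compilePreviewPatched(Environment $twig, string $content): string
{
    $source = '{% verbatim %}' . sanitizeTemplateContent($content) . '{% endverbatim %}';
    return $twig->createTemplate($source)->render([]);
}

// Regression check: does rendered preview HTML still carry active content?
function previewContainsActiveContent(string $html): bool
{
    return (bool) preg_match('/<script\b|\son\w+\s*=|javascript:/i', $html);
}

$twig = new Environment(new ArrayLoader());

// Constructed sample of what an editor with create/edit permission could save.
$content = '<p onmouseover="x()">Hello</p><script>console.log("marker")</script>';

var_dump(previewContainsActiveContent(compilePreviewVulnerable($twig, $content)));
var_dump(previewContainsActiveContent(compilePreviewPatched($twig, $content)));
```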


WAF Protection Rules

WAF Rule

Summary

Email template preview is vulnerable to XSS payload added to email template content. The attacker should have permission to create or edit an email template. For successful payload, execution attacked user should preview a vulnerable em
