
CVE-2022-0087: Reflected cross-site scripting (XSS) vulnerability

CVSS Score (v3.0)
7.1

Basic Information

EPSS Score
0.97679%
Published
1/12/2022
Updated
2/3/2023
KEV Status
No
Technology
JavaScript

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Package Name          Ecosystem   Vulnerable Versions   First Patched Version
@keystone-6/auth      npm         < 1.0.2               1.0.2
@keystone-next/auth   npm         <= 37.0.0

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The core vulnerability stemmed from improper handling of the 'from' query parameter in two key areas: 1) in createAuth's redirect generation, where untrusted input was embedded in URLs without context-aware validation; 2) in page components that consumed the 'from' parameter directly without sanitization. The fix introduced validation checks (a pathname === '/' condition) and a useRedirect hook to sanitize the parameter, confirming that the original vulnerability lay in these parameter-handling paths. The XSS would occur when malicious 'from' values were reflected in admin UI responses without proper escaping.
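A defensive illustration of the parameter handling described above, added here as example code; it is not Keystone's createAuth or useRedirect implementation, and the function names, the placeholder base origin and the length limit are hypothetical. It validates an untrusted `from` value down to a same-origin path before using it as a redirect target, and escapes it before reflecting it into HTML.

```javascript
// Added example, not the project's own code. Names are hypothetical.
const SAFE_FALLBACK = '/';
const PLACEHOLDER_BASE = 'https://placeholder.invalid'; // fixed base for parsing only

// Accept only a same-origin, absolute-path reference such as "/users?page=2";
// anything else (absolute URL, protocol-relative, scheme, junk) falls back to "/".
function safeRedirectTarget(from) {
  if (typeof from !== 'string' || from.length === 0 || from.length > 2048) {
    return SAFE_FALLBACK; // missing, non-string or oversized value
  }
  // Control characters and whitespace are stripped by some browsers before
  // scheme parsing, so reject them outright rather than trying to normalise.
  if (/[\u0000-\u0020\u007f]/.test(from)) return SAFE_FALLBACK;
  // Must be a single-slash path: "//host" is protocol-relative and "/\host"
  // is treated like "//host" by browsers; neither stays on this origin.
  if (!from.startsWith('/') || from.startsWith('//') || from.startsWith('/\\')) {
    return SAFE_FALLBACK;
  }
  // Parse against a fixed base and confirm the origin is unchanged.
  let parsed;
  try {
    parsed = new URL(from, PLACEHOLDER_BASE);
  } catch (e) {
    return SAFE_FALLBACK;
  }
  if (parsed.origin !== PLACEHOLDER_BASE) return SAFE_FALLBACK;
  return parsed.pathname + parsed.search; // fragment is dropped
}

// Escape a value before reflecting it into an HTML response body.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  })[c]);
}

// Build a sign-in link that carries the sanitised target in the query string
// (URL-encoded) and shows it in the link text (HTML-escaped).
function buildSigninLink(from) {
  const target = safeRedirectTarget(from);
  return `<a href="/signin?from=${encodeURIComponent(target)}">` +
    `Sign in to continue to ${escapeHtml(target)}</a>`;
}
```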

Vulnerable functions


WAF Protection Rules

WAF Rule

This security advisory relates to a capability for an attacker to exploit a reflected cross-site scripting vulnerability when using the `@keystone-6/auth` package.

Impact

The vulnerability can impact users of the administration user interface w
