Miggo Logo
Miggo Vulnerability Database
CVE-2022-43121

CVE-2022-43121: Subrion CMS is vulnerable to Cross-Site Scripting (XSS)

6.1

CVSS Score
3.1

Basic Information

CVE ID
CVE-2022-43121
GHSA ID
GHSA-jrvr-gmqv-hgrh
EPSS Score
0.67716%
CWE
CWE-79
Published
11/9/2022
Updated
1/30/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
intelliants/subrioncomposer<= 4.2.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper output encoding when rendering the tooltip text in the Members Add page. The tooltip payload is injected via the CMS Field Add page and stored. When the tooltip is displayed in the Members Add page, the lack of escaping (e.g., missing Smarty |escape:'html' modifier or PHP htmlspecialchars()) allows arbitrary script execution. While the exact PHP function names are unclear without code access, the root cause is the unescaped rendering in the template layer, which is a common XSS vector in templating systems like Smarty.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* *ross-sit* s*riptin* (XSS) vuln*r**ility in t** *MS *i*l* *** p*** o* Int*lli*nts Su*rion *MS in v*rsion *.*.* *llows *tt**k*rs to *x**ut* *r*itr*ry w** s*ripts or *TML vi* * *r**t** p*ylo** inj**t** into t** tooltip t*xt *i*l*.

Reasoning

T** vuln*r**ility st*ms *rom improp*r output *n*o*in* w**n r*n**rin* t** tooltip t*xt in t** M*m**rs *** p***. T** tooltip p*ylo** is inj**t** vi* t** *MS *i*l* *** p*** *n* stor**. W**n t** tooltip is *ispl*y** in t** M*m**rs *** p***, t** l**k o* *