CVE-2023-35783: ke_search (aka Faceted Search) vulnerable to Cross-Site Scripting

CVSS Score: 6.3 (CVSS v3.1)

Basic Information

EPSS Score: 0.48983%
Published: 6/16/2023
Updated: 11/8/2023
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| tpwd/ke_search | composer | >= 5.0.0, < 5.0.2 | 5.0.2 |
| tpwd/ke_search | composer | >= 4.1.0, < 4.6.6 | 4.6.6 |
| tpwd/ke_search | composer | < 4.0.3 | 4.0.3 |

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stems from missing HTML sanitization in data indexing paths. The security patches consistently add strip_tags() to multiple data processing functions across different indexers (File, News, TtAddress, TtNews) and the search result rendering (Searchresult.php). These functions handled user-controlled or external data (file contents, keywords, descriptions) without proper neutralization, making them entry points for XSS payloads. The high confidence comes from direct correlation between patched lines and CWE-79 mitigation patterns.
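
The pattern described above, as an added PHP example (not ke_search's code; the function names and the sample record are hypothetical and constructed): a text field is indexed with and without strip_tags(). The renderer also HTML-encodes on output, which is an assumption that goes beyond what the page says the patches do.

```php
<?php
// Added illustration; not ke_search code. All names here are hypothetical.

// Constructed sample: text extracted from an uploaded file, containing markup.
$record = [
    'title'   => 'Quarterly report',
    'content' => 'Revenue grew <script>alert(1)</script> by 4% <b>overall</b>.',
];

// Before: indexed fields are stored exactly as extracted.
function indexRaw(array $record): array
{
    return $record;
}

// After: every text field passes through strip_tags() before it is stored,
// the mitigation pattern the root cause analysis describes.
function indexSanitized(array $record): array
{
    return array_map(static fn (string $v): string => strip_tags($v), $record);
}

// Rendering: encode on output too, so the result list does not depend on every
// indexer having sanitized its input (assumption: HTML element-body context).
function renderResult(array $row): string
{
    $e = static fn (string $v): string =>
        htmlspecialchars($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    return '<li><h3>' . $e($row['title']) . '</h3><p>' . $e($row['content']) . '</p></li>';
}

$raw   = indexRaw($record);
$clean = indexSanitized($record);

// Unsanitized index and unescaped template: markup from the file reaches the page.
echo '<p>' . $raw['content'] . "</p>\n";

// Sanitized index: the tags are removed, the text between them remains.
echo '<p>' . $clean['content'] . "</p>\n";

// Escaped rendering of the raw row: markup is displayed as text, not interpreted.
echo renderResult($raw), "\n";
```

strip_tags() removes tags only; a value that is later placed inside an HTML attribute or a script block still needs encoding for that context.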
