CVE-2024-34449: Vditor allows Cross-site Scripting via an attribute of an `A` element

CVSS Score: N/A

Basic Information

EPSS Score: 0.22911%
Published: 5/3/2024
Updated: 5/3/2024
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector
CVSS metrics data is empty

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| vditor | npm | = 3.10.3 | |

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stems from improper sanitization of `<a>` element attributes during Markdown-to-HTML conversion. Key evidence includes:

1) The vendor's mitigation instruction to use `sanitize=true` implies an unsafe default configuration.
2) The CWE-79 classification confirms XSS via unneutralized web output.
3) The preview feature's Markdown processing pipeline (`options.preview.markdown.sanitize`) is directly referenced in advisory links.
4) Anchor tag handling is specifically called out in the vulnerability title.

While the exact code isn't shown, the configuration option and the Lute engine's sanitization are central to the attack vector.

WAF Protection Rules

WAF Rule

Vditor 3.10.3 allows XSS via an attribute of an `A` element. NOTE: the vendor indicates that a user is supposed to mitigate this via `sanitize=true`.
