The vulnerability is a Cross-Site Scripting (XSS) issue in code16/sharp that occurs because uploaded SVG files are not sanitized. An attacker can upload an SVG file containing malicious JavaScript (a `<script>` element, an `on*` event-handler attribute, or a `javascript:` href), and that script executes in the origin of the site serving the file when a browser opens the SVG directly or through `<object>`/`<iframe>`. Note that an SVG referenced from an `<img>` tag does not run script, so the exposure comes from direct links to the stored file, which is why sanitizing the file at upload time (rather than relying on how it is later embedded) is the right fix.
The analysis of the patch commit bf7fedf2086d86aac16194733a6385564e5cf124 reveals the vulnerable code path and the fix.
The root cause is the lack of sanitization in the file upload process. The function Code16\Sharp\Http\Jobs\HandleUploadedFileJob::handle is directly responsible for processing the uploaded file. Before the patch, this function would save the file without any sanitization, making it the primary vulnerable function. The patch introduces a call to a new SanitizeSvgJob within this function to clean SVG files.
Another key function in the vulnerable process is Code16\Sharp\Form\Fields\Formatters\UploadFormatter::fromFront. This function is the entry point for handling a new file upload from the user interface. It queues the HandleUploadedFileJob for background processing. The patch modifies this function to pass a shouldSanitizeSvg flag, indicating that the sanitization logic was missing from this part of the workflow as well.
Therefore, both functions are identified as part of the vulnerability. HandleUploadedFileJob::handle is where the lack of sanitization occurs, and UploadFormatter::fromFront is the function that initiates the vulnerable process for a new upload.
- `Code16\Sharp\Http\Jobs\HandleUploadedFileJob::handle` in `src/Http/Jobs/HandleUploadedFileJob.php`
- `Code16\Sharp\Form\Fields\Formatters\UploadFormatter::fromFront` in `src/Form/Fields/Formatters/UploadFormatter.php`
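The following is an added example, written for this page and not code16/sharp's own `SanitizeSvgJob`, showing the kind of sanitization the patch adds at upload time: active content is stripped from an SVG before it is stored. It is in Python rather than PHP so the logic can be run and checked stand-alone; the `MALICIOUS_SVG` and `BENIGN_SVG` inputs are constructed samples. It goes slightly beyond the page's description by also dropping `<set>`/`<animate>` elements that target an event handler or `href`, a common bypass for sanitizers that only look at static attributes.

```python
"""Added example: strip active content from an uploaded SVG before storing it.
Illustrative code written for this page, not code16/sharp's SanitizeSvgJob."""
import re
import xml.etree.ElementTree as ET

SVG_NS = "http://www.w3.org/2000/svg"
XLINK_NS = "http://www.w3.org/1999/xlink"
# Keep the default/xlink prefixes on output instead of ElementTree's ns0:/ns1:.
ET.register_namespace("", SVG_NS)
ET.register_namespace("xlink", XLINK_NS)

# Elements that execute script or embed HTML inside an SVG document (lower-cased).
DANGEROUS_ELEMENTS = {"script", "foreignobject", "iframe", "object", "embed", "handler"}
# Only same-document fragments and http(s) URLs survive in href attributes;
# javascript:, data: and every other scheme are dropped.
SAFE_URL = re.compile(r"^(#|https?://)", re.IGNORECASE)

# Constructed samples (not from the original page or project).
MALICIOUS_SVG = (
    '<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" '
    'onload="alert(1)">'
    '<script>alert(2)</script>'
    '<a xlink:href="javascript:alert(3)"><text>x</text></a>'
    '<set attributeName="onmouseover" to="alert(4)"/>'
    '<foreignObject><body xmlns="http://www.w3.org/1999/xhtml">'
    '<img src="x" onerror="alert(5)"/></body></foreignObject>'
    '<circle r="5" onclick="alert(6)" fill="#fff"/>'
    '</svg>'
)
BENIGN_SVG = '<svg xmlns="http://www.w3.org/2000/svg"><circle r="5" fill="#fff" /></svg>'


def _local(qname: str) -> str:
    """'{ns}name' or 'prefix:name' -> 'name'."""
    return qname.rsplit("}", 1)[-1].rsplit(":", 1)[-1]


def _unsafe_attribute(name: str, value: str) -> bool:
    local = _local(name).lower()
    if local.startswith("on"):          # event handlers: onload, onclick, ...
        return True
    if local == "href":                 # href / xlink:href with a non-allowlisted scheme
        return not SAFE_URL.match(value.strip())
    return False


def sanitize_svg(svg: str) -> tuple[str, list[str]]:
    """Return (clean_svg, removed); `removed` describes each stripped item so the
    upload handler can log that the file was modified."""
    # For untrusted input in production, parse with defusedxml to block entity bombs.
    root = ET.fromstring(svg)
    if _local(root.tag).lower() != "svg":
        raise ValueError("root element is not <svg>")
    removed: list[str] = []
    # Pass 1: drop dangerous elements. Iterate a snapshot so removal is safe.
    for parent in list(root.iter()):
        for child in list(parent):
            name = _local(child.tag)
            drop = name.lower() in DANGEROUS_ELEMENTS
            # <set>/<animate> can install an event handler or rewrite href at runtime.
            if name.lower() in ("set", "animate") and _unsafe_attribute(child.get("attributeName", ""), ""):
                drop = True
            if drop:
                parent.remove(child)
                removed.append(f"element <{name}>")
    # Pass 2: drop event-handler attributes and hrefs with unsafe schemes.
    for el in root.iter():
        for attr, value in list(el.attrib.items()):
            if _unsafe_attribute(attr, value):
                del el.attrib[attr]
                removed.append(f"attribute {_local(attr)} on <{_local(el.tag)}>")
    return ET.tostring(root, encoding="unicode"), removed


if __name__ == "__main__":
    clean, stripped = sanitize_svg(MALICIOUS_SVG)
    print(clean)
    for item in stripped:
        print("removed:", item)
```

In a real upload job this would run on the temporary file before it is moved to its final disk, and any non-empty `removed` list should be logged or surfaced to the uploader; the allowlist on `href` will also strip `data:` image URLs, which is a deliberate trade-off since a `data:image/svg+xml` href can itself carry script.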
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| code16/sharp | composer | < 9.7.0 | 9.7.0 |