
GHSA-mqf5-275h-gf6r: Silverstripe framework is vulnerable to XSS in install.php

CVSS Score (v3.1): 6.1

Basic Information

CVE ID: -
EPSS Score: -
Published: 5/23/2024
Updated: 5/23/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Package Name           | Ecosystem | Vulnerable Versions  | First Patched Version
silverstripe/framework | composer  | >= 3.1.0, < 3.1.14   | 3.1.14

Vulnerability Intelligence (Miggo AI)

Root Cause Analysis

The vulnerability stems from unescaped output of user-controllable parameters (admin_username and admin_password) in the installation form template (config-form.html). The commit diff explicitly shows the addition of htmlspecialchars() to these echo statements in the patched version, confirming that the lack of output encoding in the original code allowed XSS payloads to render in the browser. These echo statements are the direct points of vulnerability.
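The pattern described above, as an added PHP example that is not Silverstripe's own code: a setup form re-echoes two submitted values into input attributes, first without encoding and then with htmlspecialchars() applied to the same echo. Function names, the sample input and the attribute layout are assumptions made for the illustration; only the parameter names admin_username and admin_password come from the advisory.

```php
<?php
// Added example, not the Silverstripe framework's code. It shows the
// defect class behind GHSA-mqf5-275h-gf6r: a setup form that echoes
// submitted parameters back into HTML attributes without encoding.
// Function names and the sample values below are assumptions.

declare(strict_types=1);

// Vulnerable rendering: the submitted value is interpolated verbatim
// into an attribute, so a quote or angle bracket in it changes the markup.
function renderFieldVulnerable(string $name, string $value): string
{
    return '<input type="text" name="' . $name . '" value="' . $value . '">';
}

// Encode for the HTML attribute context. ENT_QUOTES covers both quote
// characters, ENT_SUBSTITUTE avoids an empty result on invalid UTF-8,
// and the explicit charset prevents encoding mismatches.
function escapeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Patched rendering: the same echo, with the values encoded on output.
function renderFieldSafe(string $name, string $value): string
{
    return '<input type="text" name="' . escapeHtml($name)
        . '" value="' . escapeHtml($value) . '">';
}

// Regression check for the encoded value: nothing that can terminate an
// attribute or open a tag may survive encoding.
function valueIsAttributeSafe(string $encoded): bool
{
    return preg_match('/["\'<>]/', $encoded) === 0;
}

// Constructed sample input containing the characters that matter in an
// attribute context; these are not real form submissions.
$submitted = [
    'admin_username' => 'Ann "The Admin" <O\'Neil>',
    'admin_password' => 'pass&word',
];

foreach ($submitted as $field => $value) {
    echo 'vulnerable: ' . renderFieldVulnerable($field, $value) . PHP_EOL;
    echo 'patched:    ' . renderFieldSafe($field, $value) . PHP_EOL;

    if (!valueIsAttributeSafe(escapeHtml($value))) {
        throw new RuntimeException("encoding failed for $field");
    }
}
```

Running the script side by side makes the root cause visible: the vulnerable line emits the raw quotes and angle brackets into the attribute, while the patched line emits `&quot;`, `&lt;` and `&gt;` instead, which is exactly what the htmlspecialchars() addition in the fix commit achieves. Output encoding is the code-level fix; the advisory's operational advice, removing the installer file before deploying to production, removes the exposed surface altogether.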


WAF Protection Rules

WAF Rule

During installation, certain parameters (admin_username and admin_password) are not escaped in the setup form. This issue is resolved in 3.1.14 stable, although existing users are advised to remove this file prior to deploying to a production server.
