Miggo Logo
Miggo Vulnerability Database
GHSA-r85g-7jpv-8xrx

GHSA-r85g-7jpv-8xrx: silverstripe/framework has Cross-site Scripting vulnerability in CMSSecurity BackURL

6.1

CVSS Score
3.1

Basic Information

CVE ID
-
GHSA ID
GHSA-r85g-7jpv-8xrx
EPSS Score
-
CWE
CWE-79
Published
5/27/2024
Updated
5/27/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
silverstripe/frameworkcomposer>= 3.1.0-rc1, < 3.1.213.1.21
silverstripe/frameworkcomposer>= 3.2.0-rc1, < 3.2.63.2.6
silverstripe/frameworkcomposer>= 3.3.0-rc1, < 3.3.43.3.4
silverstripe/frameworkcomposer>= 3.4.0-rc1, < 3.4.23.4.2

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The patch directly modifies the success() method in CMSSecurity to properly escape $backURL, indicating that the original code was vulnerable to XSS. Thus, CMSSecurity::success is identified as a vulnerable function.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In *ollow up to [SS-****-***](*ttps://www.silv*rstrip*.or*/*ownlo**/s**urity-r*l**s*s/ss-****-***/) t**r* is y*t * minor unr*solv** *ix to in*orr**tly *n*o*** URL.

Reasoning

T** p*t** *ir**tly mo*i*i*s t** `su***ss()` m*t*o* in `*MSS**urity` to prop*rly *s**p* $***kURL, in*i**tin* t**t t** ori*in*l *o** w*s vuln*r**l* to XSS. T*us, `*MSS**urity::su***ss` is i**nti*i** *s * vuln*r**l* *un*tion.