CVE-2023-32670 - OpenCVE

Cross-Site Scripting vulnerability in BuddyBoss 2.2.9 version , which could allow a local attacker with basic privileges to execute a malicious payload through the "[name]=image.jpg" parameter, allowing to assign a persistent javascript payload that would be triggered when the associated image is loaded.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Buddyboss	Buddyboss

Configuration 1 [-]

cpe:2.3:a:buddyboss:buddyboss:2.2.9:*:*:*:*:wordpress:*:*

References

Link	Resource
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-budyboss	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: INCIBE

Published: 2023-10-03T12:25:05.203Z

Updated: 2023-10-03T12:25:05.203Z

Reserved: 2023-05-11T08:48:57.515Z

Link: CVE-2023-32670

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-10-03T13:15:10.147

Modified: 2023-10-04T21:06:20.757

Link: CVE-2023-32670

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-32670", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "state": "PUBLISHED", "assignerShortName": "INCIBE", "dateReserved": "2023-05-11T08:48:57.515Z", "datePublished": "2023-10-03T12:25:05.203Z", "dateUpdated": "2023-10-03T12:25:05.203Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "BuddyBoss", "vendor": "BuddyBoss", "versions": [{"status": "affected", "version": "2.2.9"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Anxo Januario Gonzales"}], "datePublic": "2023-05-30T10:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Cross-Site Scripting vulnerability \n\nin BuddyBoss 2.2.9 version\n\n, which could allow a local attacker with basic privileges to execute a malicious payload through the \"[name]=image.jpg\" parameter, allowing to assign a persistent javascript payload that would be triggered when the associated image is loaded.<br>"}], "value": "Cross-Site Scripting vulnerability \n\nin BuddyBoss 2.2.9 version\n\n, which could allow a local attacker with basic privileges to execute a malicious payload through the \"[name]=image.jpg\" parameter, allowing to assign a persistent javascript payload that would be triggered when the associated image is loaded.\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2023-10-03T12:25:05.203Z"}, "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-budyboss"}], "source": {"discovery": "UNKNOWN"}, "title": "BuddyBoss XSS vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:buddyboss:buddyboss:2.2.9:*:*:*:*:wordpress:*:*", "matchCriteriaId": "1793CDB5-4DF1-4C79-B52F-66E2EE09C8DB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cross-Site Scripting vulnerability \n\nin BuddyBoss 2.2.9 version\n\n, which could allow a local attacker with basic privileges to execute a malicious payload through the \"[name]=image.jpg\" parameter, allowing to assign a persistent javascript payload that would be triggered when the associated image is loaded.\n"}, {"lang": "es", "value": "Vulnerabilidad de Cross-Site Scripting (XSS) en BuddyBoss versi\u00f3n 2.2.9, que podr\u00eda permitir a un atacante local con privilegios b\u00e1sicos ejecutar un payload malicioso a trav\u00e9s del par\u00e1metro \"[name]=imagen.jpg\", permitiendo asignar un payload de JavaScript persistente que se activar\u00eda cuando se carga la imagen asociada."}], "id": "CVE-2023-32670", "lastModified": "2023-10-04T21:06:20.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "cve-coordination@incibe.es", "type": "Secondary"}]}, "published": "2023-10-03T13:15:10.147", "references": [{"source": "cve-coordination@incibe.es", "tags": ["Third Party Advisory"], "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-budyboss"}], "sourceIdentifier": "cve-coordination@incibe.es", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "cve-coordination@incibe.es", "type": "Secondary"}]}