CVE-2023-52084 - OpenCVE

Winter is a free, open-source content management system. Prior to 1.2.4, Users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be rendered unescaped in the backend form, potentially allowing for a stored XSS attack. This issue has been patched in v1.2.4.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Wintercms	Winter

Configuration 1 [-]

cpe:2.3:a:wintercms:winter:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/wintercms/winter/commit/517f65dfae679b57575b047de13c5af48915a5ba	Patch
https://github.com/wintercms/winter/security/advisories/GHSA-43w4-4j3c-jx29	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-12-28T22:15:59.952Z

Updated: 2023-12-28T22:15:59.952Z

Reserved: 2023-12-26T17:23:22.236Z

Link: CVE-2023-52084

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-12-28T23:15:43.777

Modified: 2024-01-05T00:08:19.287

Link: CVE-2023-52084

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wintercms:winter:*:*:*:*:*:*:*:*", "matchCriteriaId": "1EE69DF4-BDE7-4A22-9947-BBD648026BA4", "versionEndExcluding": "1.2.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Winter is a free, open-source content management system. Prior to 1.2.4, Users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be rendered unescaped in the backend form, potentially allowing for a stored XSS attack. This issue has been patched in v1.2.4."}, {"lang": "es", "value": "Winter es un sistema de gesti\u00f3n de contenidos gratuito y de c\u00f3digo abierto. Antes de 1.2.4, los usuarios con acceso a formularios de backend que incluyen un FormWidget ColorPicker pueden proporcionar un valor que luego se mostrar\u00eda sin formato de escape en el formulario de backend, lo que podr\u00eda permitir un ataque XSS almacenado. Este problema se solucion\u00f3 en la versi\u00f3n 1.2.4."}], "id": "CVE-2023-52084", "lastModified": "2024-01-05T00:08:19.287", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.0, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-12-28T23:15:43.777", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/wintercms/winter/commit/517f65dfae679b57575b047de13c5af48915a5ba"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/wintercms/winter/security/advisories/GHSA-43w4-4j3c-jx29"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Primary"}]}