CVE-2024-37297 - OpenCVE

WooCommerce is an open-source e-commerce platform built on WordPress. A vulnerability introduced in WooCommerce 8.8 allows for cross-site scripting. A bad actor can manipulate a link to include malicious HTML & JavaScript content. While the content is not saved to the database, the links may be sent to victims for malicious purposes. The injected JavaScript could hijack content & data stored in the browser, including the session. The URL content is read through the `Sourcebuster.js` library and then inserted without proper sanitization to the classic checkout and registration forms. Versions 8.8.5 and 8.9.3 contain a patch for the issue. As a workaround, one may disable the Order Attribution feature.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

No data.

No data.

References

Link	Resource
https://developer.woocommerce.com/2024/06/10/developer-advisory-xss-vulnerability-8-8-0
https://github.com/woocommerce/woocommerce/commit/0e9888305d0cb9557e58f558526ab11cb3bcc4b4
https://github.com/woocommerce/woocommerce/commit/915e32a42762916b745a7e663c8b69a698da8b67
https://github.com/woocommerce/woocommerce/security/advisories/GHSA-cv23-q6gh-xfrf

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-06-12T15:05:46.468Z

Updated: 2024-06-13T19:59:46.310Z

Reserved: 2024-06-05T20:10:46.496Z

Link: CVE-2024-37297

JSON object: View

NVD Information

Status : Awaiting Analysis

Published: 2024-06-12T15:15:52.677

Modified: 2024-06-13T18:36:09.010

Link: CVE-2024-37297

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-37297", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-05T20:10:46.496Z", "datePublished": "2024-06-12T15:05:46.468Z", "dateUpdated": "2024-06-13T19:59:46.310Z"}, "containers": {"cna": {"title": "WooCommerce has a Cross-Site Scripting Vulnerability in checkout & registration forms", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-80", "lang": "en", "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/woocommerce/woocommerce/security/advisories/GHSA-cv23-q6gh-xfrf", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/woocommerce/woocommerce/security/advisories/GHSA-cv23-q6gh-xfrf"}, {"name": "https://github.com/woocommerce/woocommerce/commit/0e9888305d0cb9557e58f558526ab11cb3bcc4b4", "tags": ["x_refsource_MISC"], "url": "https://github.com/woocommerce/woocommerce/commit/0e9888305d0cb9557e58f558526ab11cb3bcc4b4"}, {"name": "https://github.com/woocommerce/woocommerce/commit/915e32a42762916b745a7e663c8b69a698da8b67", "tags": ["x_refsource_MISC"], "url": "https://github.com/woocommerce/woocommerce/commit/915e32a42762916b745a7e663c8b69a698da8b67"}, {"name": "https://developer.woocommerce.com/2024/06/10/developer-advisory-xss-vulnerability-8-8-0", "tags": ["x_refsource_MISC"], "url": "https://developer.woocommerce.com/2024/06/10/developer-advisory-xss-vulnerability-8-8-0"}], "affected": [{"vendor": "woocommerce", "product": "woocommerce", "versions": [{"version": ">= 8.8.0, < 8.8.5", "status": "affected"}, {"version": ">= 8.9.0, < 8.9.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-12T15:05:46.468Z"}, "descriptions": [{"lang": "en", "value": "WooCommerce is an open-source e-commerce platform built on WordPress. A vulnerability introduced in WooCommerce 8.8 allows for cross-site scripting. A bad actor can manipulate a link to include malicious HTML & JavaScript content. While the content is not saved to the database, the links may be sent to victims for malicious purposes. The injected JavaScript could hijack content & data stored in the browser, including the session. The URL content is read through the `Sourcebuster.js` library and then inserted without proper sanitization to the classic checkout and registration forms. Versions 8.8.5 and 8.9.3 contain a patch for the issue. As a workaround, one may disable the Order Attribution feature."}], "source": {"advisory": "GHSA-cv23-q6gh-xfrf", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-13T19:59:12.949157Z", "id": "CVE-2024-37297", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-13T19:59:46.310Z"}}]}}

{"descriptions": [{"lang": "en", "value": "WooCommerce is an open-source e-commerce platform built on WordPress. A vulnerability introduced in WooCommerce 8.8 allows for cross-site scripting. A bad actor can manipulate a link to include malicious HTML & JavaScript content. While the content is not saved to the database, the links may be sent to victims for malicious purposes. The injected JavaScript could hijack content & data stored in the browser, including the session. The URL content is read through the `Sourcebuster.js` library and then inserted without proper sanitization to the classic checkout and registration forms. Versions 8.8.5 and 8.9.3 contain a patch for the issue. As a workaround, one may disable the Order Attribution feature."}, {"lang": "es", "value": "WooCommerce es una plataforma de comercio electr\u00f3nico de c\u00f3digo abierto construida sobre WordPress. Una vulnerabilidad introducida en WooCommerce 8.8 permite cross-site scripting. Un mal actor puede manipular un enlace para incluir contenido HTML y JavaScript malicioso. Si bien el contenido no se guarda en la base de datos, los enlaces pueden enviarse a las v\u00edctimas con fines maliciosos. El JavaScript inyectado podr\u00eda secuestrar el contenido y los datos almacenados en el navegador, incluida la sesi\u00f3n. El contenido de la URL se lee a trav\u00e9s de la librer\u00eda `Sourcebuster.js` y luego se inserta sin la sanitizaci\u00f3n adecuada en los formularios cl\u00e1sicos de pago y registro. Las versiones 8.8.5 y 8.9.3 contienen un parche para el problema. Como workaround, se puede desactivar la funci\u00f3n de atribuci\u00f3n de pedidos."}], "id": "CVE-2024-37297", "lastModified": "2024-06-13T18:36:09.010", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-06-12T15:15:52.677", "references": [{"source": "security-advisories@github.com", "url": "https://developer.woocommerce.com/2024/06/10/developer-advisory-xss-vulnerability-8-8-0"}, {"source": "security-advisories@github.com", "url": "https://github.com/woocommerce/woocommerce/commit/0e9888305d0cb9557e58f558526ab11cb3bcc4b4"}, {"source": "security-advisories@github.com", "url": "https://github.com/woocommerce/woocommerce/commit/915e32a42762916b745a7e663c8b69a698da8b67"}, {"source": "security-advisories@github.com", "url": "https://github.com/woocommerce/woocommerce/security/advisories/GHSA-cv23-q6gh-xfrf"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-80"}], "source": "security-advisories@github.com", "type": "Secondary"}]}