Vulnerability Details : CVE-2017-18343
The debug handler in Symfony before v2.7.33, 2.8.x before v2.8.26, 3.x before v3.2.13, and 3.3.x before v3.3.6 has XSS via an array key during exception pretty printing in ExceptionHandler.php, as demonstrated by a /_debugbar/open?op=get URI. NOTE: the vendor's position is that this is not a vulnerability because the debug tools are not intended for production use. NOTE: the Symfony Debug component is used by Laravel Debugbar.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2017-18343
- cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-18343
- EPSS score: 0.09% (probability of exploitation activity in the next 30 days)
- Percentile: ~38% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2017-18343
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N | 8.6 | 2.9 | NIST | 
6.1 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 | NIST | 
CWE ids for CVE-2017-18343
- The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-18343
- https://github.com/symfony/symfony/pull/23684 : [Debug] Missing escape in debug output by c960657 · Pull Request #23684 · symfony/symfony · GitHub (Third Party Advisory)
- https://github.com/symfony/debug/pull/7/commits/e48bda29143bd1a83001780b4a78e483822d985c : fix XSS vulnerability by om3rcitak · Pull Request #7 · symfony/debug · GitHub (Patch; Third Party Advisory)
- https://github.com/symfony/symfony/issues/27987 : Security Vulnerability - Cross-site Scripting · Issue #27987 · symfony/symfony · GitHub (Exploit; Third Party Advisory)
- https://github.com/barryvdh/laravel-debugbar/issues/850 : Security Vulnerability - Cross-site Scripting · Issue #850 · barryvdh/laravel-debugbar · GitHub (Exploit; Third Party Advisory)