Vulnerability Details : CVE-2023-31285
An XSS issue was discovered in Serenity Serene (and StartSharp) before 6.7.0. When users upload temporary files, some specific file endings are not allowed, but it is possible to upload .html or .htm files containing an XSS payload. The resulting link can be sent to an administrator user.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2023-31285
- cpe:2.3:a:serenity:serene:*:*:*:*:*:*:*:*
- cpe:2.3:a:serenity:startsharp:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-31285
0.71%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 71 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-31285
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.1
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
2.8
|
2.7
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2025-01-31 |
|
6.1
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
2.8
|
2.7
|
NIST |
CWE ids for CVE-2023-31285
-
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2023-31285
-
http://packetstormsecurity.com/files/172648/Serenity-StartSharp-Software-File-Upload-XSS-User-Enumeration-Reusable-Tokens.html
Serenity / StartSharp Software File Upload / XSS / User Enumeration / Reusable Tokens ≈ Packet Storm
-
https://github.com/serenity-is/Serenity/commit/11b9d267f840513d04b4f4d4876de7823a6e48d2
:up: 6.7.0 · serenity-is/Serenity@11b9d26 · GitHubPatch;Vendor Advisory
-
http://seclists.org/fulldisclosure/2023/May/14
Full Disclosure: SEC Consult SA-20230516-0 :: Multiple Vulnerabilities in Serenity and StartSharp Software
Jump to