Vulnerability Details : CVE-2023-42458
Zope is an open-source web application server. Prior to versions 4.8.10 and 5.8.5, there is a stored cross site scripting vulnerability for SVG images. Note that an image tag with an SVG image as source is never vulnerable, even when the SVG image contains malicious code. To exploit the vulnerability, an attacker would first need to upload an image, and then trick a user into following a specially crafted link. Patches are available in Zope 4.8.10 and 5.8.5. As a workaround, make sure the "Add Documents, Images, and Files" permission is only assigned to trusted roles. By default, only the Manager has this permission.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2023-42458
- cpe:2.3:a:zope:zope:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-42458
0.09%
Probability of exploitation activity in the next 30 days
~40%
Percentile: the proportion of vulnerabilities scored at or below this one
CVSS scores for CVE-2023-42458
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 | NIST | 
3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N | 1.2 | 2.5 | GitHub, Inc. | 
CWE ids for CVE-2023-42458
- The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. (Assigned by: security-advisories@github.com, Primary)
- The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as "<", ">", and "&" that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages. (Assigned by: security-advisories@github.com, Primary)
References for CVE-2023-42458
- https://github.com/zopefoundation/Zope/commit/603b0a12881c90a072a7a65e32d47ed898ce37cb : Merge pull request from GHSA-wm8q-9975-xh5v · zopefoundation/Zope@603b0a1 · GitHub (Patch)
- http://www.openwall.com/lists/oss-security/2023/09/22/2 : oss-security - Plone security advisory 2023/09/21 (Exploit; Third Party Advisory)
- https://github.com/zopefoundation/Zope/commit/26a55dbc301db417f47cafda6fe0f983b5690088 : Merge pull request from GHSA-wm8q-9975-xh5v · zopefoundation/Zope@26a55db · GitHub (Patch)
- https://github.com/zopefoundation/Zope/security/advisories/GHSA-wm8q-9975-xh5v : Stored Cross Site Scripting with SVG images · Advisory · zopefoundation/Zope · GitHub (Third Party Advisory)