CVE-2023-45818

EPSS 1.28%
Veröffentlicht 19.10.2023 22:15:10
Zuletzt bearbeitet 21.11.2024 08:27:25
Quelle security-advisories@github.com
Teams Watchlist Login
Unerledigt Login

TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo and redo functionality. When a carefully-crafted HTML snippet passes the XSS sanitisation layer, it is manipulated as a string by internal trimming functions before being stored in the undo stack. If the HTML snippet is restored from the undo stack, the combination of the string manipulation and reparative parsing by either the browser's native [DOMParser API](https://developer.mozilla.org/en-US/docs/Web/API/DOMParser) (TinyMCE 6) or the SaxParser API (TinyMCE 5) mutates the HTML maliciously, allowing an XSS payload to be executed. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring HTML is trimmed using node-level manipulation instead of string manipulation. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Tiny ≫ Tinymce Version < 5.10.8

Tiny ≫ Tinymce Version >= 6.0.0 < 6.7.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.28%	0.789

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
security-advisories@github.com	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

https://github.com/tinymce/tinymce/security/advisories/GHSA-v65r-p3vv-jjfv

Vendor Advisory

https://researchgate.net/publication/266654651_mXSS_attacks_Attacking_well-secured_web-applications_by_using_innerHTML_mutations

Third Party Advisory

https://tiny.cloud/docs/release-notes/release-notes5108/#securityfixes

Release Notes

https://tiny.cloud/docs/tinymce/6/6.7.1-release-notes/#security-fixes

Release Notes

https://www.tiny.cloud/docs/api/tinymce.html/tinymce.html.saxparser/

Product

https://nvd.nist.gov/vuln/detail/CVE-2023-45818

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-45818

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-45818

EUVD