CVE-2023-28447

Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user. Users are advised to upgrade to either version 3.1.48 or to 4.3.1 to resolve this issue. There are no known workarounds for this vulnerability.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
GitHub_MCNA
7.1 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
smartysmarty
𝑥
< 3.1.48
smartysmarty
4.0.0 ≤
𝑥
< 4.3.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
smarty3
bullseye
vulnerable
buster
no-dsa
bullseye (security)
3.1.39-2+deb11u2
fixed
bookworm
vulnerable
bookworm (security)
3.1.47-2+deb12u1
fixed
trixie
3.1.48-2
fixed
sid
3.1.48-2
fixed
smarty4
bookworm
4.3.0-1+deb12u1
fixed
buster
no-dsa
bookworm (security)
4.3.0-1+deb12u2
fixed
trixie
4.5.4-1
fixed
sid
4.5.4-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
civicrm
oracular
dne
noble
dne
mantic
dne
lunar
dne
kinetic
ignored
jammy
needs-triage
focal
needs-triage
bionic
needs-triage
xenial
needs-triage
trusty
ignored
postfixadmin
oracular
needed
noble
needed
mantic
ignored
lunar
ignored
kinetic
ignored
jammy
Fixed 3.3.10-2ubuntu0.1~esm1
released
focal
Fixed 3.2.1-3ubuntu0.1~esm1
released
bionic
Fixed 3.0.2-2ubuntu0.1~esm1
released
xenial
not-affected
trusty
ignored
smarty3
oracular
Fixed 3.1.48-1ubuntu0.24.10.1
released
noble
Fixed 3.1.48-1ubuntu0.24.04.1
released
mantic
ignored
lunar
ignored
kinetic
ignored
jammy
Fixed 3.1.39-2ubuntu1.22.04.2
released
focal
Fixed 3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1
released
bionic
Fixed 3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1+esm1
released
xenial
needs-triage
trusty
ignored
smarty4
oracular
needs-triage
noble
needs-triage
mantic
ignored
lunar
ignored
kinetic
ignored
jammy
dne
focal
dne
bionic
dne
xenial
ignored
trusty
ignored
Common Weakness Enumeration
References
https://github.com/smarty-php/smarty/commit/685662466f653597428966d75a661073104d713d
https://github.com/smarty-php/smarty/security/advisories/GHSA-7j98-h7fp-4vwj
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSAUM3YHWHO4UCJXRGRLQGPJAO3MFOZZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBB35GLYTL6JL6EOM6BOZNYP47JKNNHT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P7O7SKTATM6GAP45S64QFXNLWIY5I7HP/
https://github.com/smarty-php/smarty/commit/685662466f653597428966d75a661073104d713d
https://github.com/smarty-php/smarty/security/advisories/GHSA-7j98-h7fp-4vwj
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSAUM3YHWHO4UCJXRGRLQGPJAO3MFOZZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBB35GLYTL6JL6EOM6BOZNYP47JKNNHT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P7O7SKTATM6GAP45S64QFXNLWIY5I7HP/