CVE-2023-28447

EUVD-2023-0924
Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user. Users are advised to upgrade to either version 3.1.48 or to 4.3.1 to resolve this issue. There are no known workarounds for this vulnerability.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
GitHub_MCNA
7.1 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
Affected Products (NVD)
VendorProductVersion
smartysmarty
𝑥
< 3.1.48
smartysmarty
4.0.0 ≤
𝑥
< 4.3.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
smarty3
bookworm
vulnerable
bookworm (security)
3.1.47-2+deb12u1
fixed
bullseye
vulnerable
bullseye (security)
3.1.39-2+deb11u2
fixed
buster
no-dsa
sid
3.1.48-2
fixed
trixie
3.1.48-2
fixed
smarty4
bookworm
4.3.0-1+deb12u1
fixed
bookworm (security)
4.3.0-1+deb12u2
fixed
buster
no-dsa
sid
4.5.4-1
fixed
trixie
4.5.4-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
civicrm
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
kinetic
ignored
lunar
dne
mantic
dne
noble
dne
oracular
dne
trusty
ignored
xenial
needs-triage
postfixadmin
bionic
Fixed 3.0.2-2ubuntu0.1~esm1
released
focal
Fixed 3.2.1-3ubuntu0.1~esm1
released
jammy
Fixed 3.3.10-2ubuntu0.1~esm1
released
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needed
oracular
needed
trusty
ignored
xenial
not-affected
smarty3
bionic
Fixed 3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1+esm1
released
focal
Fixed 3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1
released
jammy
Fixed 3.1.39-2ubuntu1.22.04.2
released
kinetic
ignored
lunar
ignored
mantic
ignored
noble
Fixed 3.1.48-1ubuntu0.24.04.1
released
oracular
Fixed 3.1.48-1ubuntu0.24.10.1
released
trusty
ignored
xenial
needs-triage
smarty4
bionic
dne
focal
dne
jammy
dne
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needs-triage
oracular
needs-triage
trusty
ignored
xenial
ignored
Common Weakness Enumeration
References
https://github.com/smarty-php/smarty/commit/685662466f653597428966d75a661073104d713d
https://github.com/smarty-php/smarty/security/advisories/GHSA-7j98-h7fp-4vwj
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSAUM3YHWHO4UCJXRGRLQGPJAO3MFOZZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBB35GLYTL6JL6EOM6BOZNYP47JKNNHT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P7O7SKTATM6GAP45S64QFXNLWIY5I7HP/
https://github.com/smarty-php/smarty/commit/685662466f653597428966d75a661073104d713d
https://github.com/smarty-php/smarty/security/advisories/GHSA-7j98-h7fp-4vwj
https://lists.debian.org/debian-lts-announce/2024/11/msg00013.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSAUM3YHWHO4UCJXRGRLQGPJAO3MFOZZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBB35GLYTL6JL6EOM6BOZNYP47JKNNHT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P7O7SKTATM6GAP45S64QFXNLWIY5I7HP/