CVE-2023-46857

Squidex before 7.9.0 allows XSS via an SVG document to the Upload Assets feature. This occurs because there is an incomplete blacklist in the SVG inspection, allowing JavaScript in the SRC attribute of an IFRAME element. An authenticated attack with assets.create permission is required for exploitation.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
squidex.iosquidex
𝑥
< 7.9.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2023/11/08/4
https://census-labs.com/news/2023/11/08/weak-svg-asset-filtering-mechanism-in-squidex-cms/
https://support.squidex.io/c/news/9
http://www.openwall.com/lists/oss-security/2023/11/08/4
https://census-labs.com/news/2023/11/08/weak-svg-asset-filtering-mechanism-in-squidex-cms/
https://support.squidex.io/c/news/9