GHSA-5h7w-hmxc-99g5

Source

https://github.com/advisories/GHSA-5h7w-hmxc-99g5

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-5h7w-hmxc-99g5/GHSA-5h7w-hmxc-99g5.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-5h7w-hmxc-99g5

Aliases

CVE-2022-1091

Published

2022-04-19T00:00:45Z

Modified

2023-11-08T04:07:45.046970Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

Cross site scripting in safe-svg

Details

The sanitisation step of the Safe SVG WordPress plugin before 1.9.10 can be bypassed by spoofing the content-type in the POST request to upload a file. Exploiting this vulnerability, an attacker will be able to perform the kinds of attacks that this plugin should prevent (mainly XSS, but depending on further use of uploaded SVG files potentially other XML attacks).

Database specific

{
    "nvd_published_at": "2022-04-18T18:15:00Z",
    "github_reviewed_at": "2022-04-28T21:15:03Z",
    "severity": "MODERATE",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-79"
    ]
}

References

Affected packages

Packagist / darylldoyle/safe-svg

Package

Name: darylldoyle/safe-svg
Purl: pkg:composer/darylldoyle/safe-svg

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.9.10

Affected versions

1.*

1.9.4

1.9.5

1.9.6

1.9.7

1.9.8

1.9.9