GHSA-hr2r-w6wc-25pv
Suggest an improvement- Source
- https://github.com/advisories/GHSA-hr2r-w6wc-25pv
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-hr2r-w6wc-25pv/GHSA-hr2r-w6wc-25pv.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-hr2r-w6wc-25pv
- Aliases
-
- CVE-2024-34461
- Published
- 2024-05-04T06:30:31Z
- Modified
- 2024-12-01T05:28:13.215108Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Zenario uses Twig filters insecurely in the Twig Snippet plugin
- Details
-
Zenario before 9.5.60437 uses Twig filters insecurely in the Twig Snippet plugin, and in the site-wide HEAD and BODY elements, enabling code execution by a designer or an administrator.
- Database specific
{ "nvd_published_at": "2024-05-04T05:15:06Z", "cwe_ids": [], "severity": "CRITICAL", "github_reviewed": true, "github_reviewed_at": "2024-05-06T14:24:09Z" }- References
Affected packages
Packagist / tribalsystems/zenario
Package
- Name
- tribalsystems/zenario
- Purl
- pkg:composer/tribalsystems/zenario
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.5.60437
Affected versions
7.*
7.5.40440
7.5.41006
7.5.41499
7.5.41633
7.5.42085
7.5.42990
7.5.47180
7.6.41504
7.6.41633
7.6.42085
7.6.42990
7.6.47180
7.7.42682
7.7.42963
7.7.42990
7.7.44223
7.7.47180
7.7.47369
7.7.48583
8.*
8.0.44237
8.0.44273
8.0.44294
8.0.44521
8.0.45032
8.0.45250
8.0.45529
8.0.47180
8.0.48583
8.1.45530
8.1.45698
8.1.46089
8.1.46433
8.1.46615
8.1.47180
8.1.47369
8.1.48583
8.2.46436
8.2.46614
8.2.47180
8.2.47369
8.2.47992
8.2.48583
8.3.47997
8.3.48583
8.3.50564
8.4.50565
8.4.51340
8.5.50567
8.5.50837
8.5.51340
8.6.51342
8.7
8.8
8.8.53370
8.8.53725
8.8.54063
8.9.54063
8.9.54149
8.9.54153
8.9.55141
9.*
9.0.54156
9.0.55141
9.0.57473
9.1.55143
9.1.55510
9.1.55619
9.1.57473
9.2
9.2.55826
9.2.57169
9.2.57473
9.3.57186
9.3.57474
9.3.57595
9.3.57709
9.3.57754
9.3.58670
9.4.58686
9.4.59197
9.4.59574
9.4.60437
9.5.59574
9.5.59647
9.5.60240