Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2022-23054

Date: February 20, 2022

Overview

Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the “Summary Widget” element, that allows the injection of malicious JavaScript into the ‘URL’ field.

Details

Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the “Summary Widget”, that allows the injection of malicious JavaScript into the ‘URL’ field. It allows malicious data to be part of the website and run within the user’s browser under the privileges of the web application

PoC Details

Create button in order to use the “Summary Widget” plugin, submit javascript:alert(“XSS”) in the URL field. Inside the DOM, we can see that the malicious payload was assigned into the “src” attribute of the iframe.

PoC Code

javascript:alert(“XSS”)

Affected Environments

1.3.0-1.7.7

Prevention

Update to version 1.7.8

Language: JS

Good to know:

icon
icon

Cross-Site Scripting (XSS)

CWE-79
icon

Upgrade Version

Upgrade to version openmct - 1.7.8

Learn More

Base Score:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope (S): Changed
Confidentiality (C): Low
Integrity (I): Low
Availability (A): None
Base Score:
Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (AU): None
Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Additional information:

Related Resources (3)

https://nvd.nist.gov/vuln/detail/CVE-2022-23054
https://github.com/nasa/openmct/commit/abc93d0ec4b104dac1ea5f8a615d06e3ab78934a
https://www.mend.io/vulnerability-database/CVE-2022-23054