Home > Vulnerability Database > WS-2023-0254

Mend.io Vulnerability Database

WS-2023-0254

Good to know:

Date: November 3, 2024

In Vendure admin-ui before 2.0.3 While the WYSIWYG editor allows limited customization, altering the request data (not in the ui) saves and returns arbitrary HTML with no sanitization. Causing an XSS when viewing the page. The impact of this XSS is privilege escalation. A user that can write any type of description can trigger the attack. Then any other user that visits the vulnerable page is prone to arbitrary Javascript code execution, giving the attacker ability to execute actions on behalf of this user.

Language: TYPE_SCRIPT

Severity Score

7.1

Related Resources (5)

Url: https://github.com/vendure-ecommerce/vendure/security/advisories/GHSA-gm68-572p-q28r

Url: https://github.com/vendure-ecommerce/vendure/blob/master/CHANGELOG.md#203-2023-07-04

Url: https://github.com/vendure-ecommerce/vendure

Url: https://github.com/vendure-ecommerce/vendure/commit/0cdc92b241e6fd4017ddfc9fbdca189fc7c1ada0

Url: https://www.mend.io/vulnerability-database/WS-2023-0254

Severity Score

7.1

Weakness Type (CWE)

Cross-Site Scripting (XSS)

CWE-79

Top Fix

Upgrade Version

Upgrade to version @vendure/admin-ui-plugin - 2.0.3

Learn More

CVSS v3.1

Base Score:	7.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

WS-2023-0254

Good to know:

Date: November 3, 2024

Language: TYPE_SCRIPT

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?