漏洞标题
在Discourse中,通过不正确的svg文件消毒导致的跨站存储型脚本攻击
漏洞描述信息
在Discourse中,通过不正确清洗svg文件导致的存储型跨站脚本攻击
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
漏洞类别
N/A
漏洞标题
Stored Cross-site Scripting via improper sanitization of svg files in Discourse
漏洞描述信息
Discourse is an open source platform for community discussion. Due to the improper sanitization of SVG files, an attacker can execute arbitrary JavaScript on the users’ browsers by uploading a crafted SVG file. This issue is patched in the latest stable and tests-passed versions of Discourse. Users are advised to upgrade. For users unable to upgrade there are two possible workarounds: enable CDN handing of uploads (and ensure the CDN sanitizes SVG files) or disable SVG file uploads by ensuring that the `authorized extensions` site setting does not include `svg` (or reset that setting to the default, by default Discourse doesn't enable SVG uploads by users).
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
漏洞类别
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
漏洞标题
Discourse 跨站脚本漏洞
漏洞描述信息
Discourse是一套开源的社区讨论平台。该平台包括社区、电子邮件和聊天室等功能。 Discourse存在跨站脚本漏洞,该漏洞源于允许攻击者上传 SVG 文件在用户的浏览器上执行任意 JavaScript代码。受影响的产品和版本:Discourse stable 3.0.2及之前版本,beta 3.1.0.beta3及之前版本,tests-passed 3.1.0.beta3及之前版本。
CVSS信息
N/A
漏洞类别
跨站脚本