CVE-2023-38057 - OpenCVE

An improper input validation vulnerability in OTRS Survey modules allows any attacker with a link to a valid and unanswered survey request to inject javascript code in free text answers. This allows a cross site scripting attack while reading the replies as authenticated agent. This issue affects OTRS Survey module from 7.0.X before 7.0.32, from 8.0.X before 8.0.13 and ((OTRS)) Community Edition Survey module from 6.0.X through 6.0.22.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Otrs	Survey

Configuration 1 [-]

OR	cpe:2.3:a:otrs:survey:::::community:::*
	cpe:2.3:a:otrs:survey:::::-:::*
	cpe:2.3:a:otrs:survey:::::-:::*

No data.

References

Link	Providers
https://otrs.com/release-notes/otrs-security-advisory-2023-06/

History

No history.

MITRE

Status: PUBLISHED

Assigner: OTRS

Published: 2023-07-24T08:27:55.315Z

Updated: 2024-08-02T17:30:12.921Z

Reserved: 2023-07-12T08:05:38.780Z

Link: CVE-2023-38057

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-07-24T09:15:09.927

Modified: 2023-08-04T18:48:27.357

Link: CVE-2023-38057

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-38057", "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "state": "PUBLISHED", "assignerShortName": "OTRS", "dateReserved": "2023-07-12T08:05:38.780Z", "datePublished": "2023-07-24T08:27:55.315Z", "dateUpdated": "2024-08-02T17:30:12.921Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "packageName": "Survey", "product": "OTRS", "vendor": "OTRS AG", "versions": [{"lessThan": "7.0.32", "status": "affected", "version": "7.0.x", "versionType": "Patch"}, {"lessThan": "8.0.13", "status": "affected", "version": "8.0.x", "versionType": "Patch"}]}, {"defaultStatus": "affected", "packageName": "Survey", "product": "((OTRS)) Community Edition", "vendor": "OTRS AG", "versions": [{"lessThanOrEqual": "6.0.22", "status": "affected", "version": "6.0.x", "versionType": "All"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Free text answers have to be used<br>"}], "value": "Free text answers have to be used\n"}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Special thanks to Daniel Mizael, Raphael Fiorin and Marcelo Makotofrom for reporting these vulnerability."}], "datePublic": "2023-07-24T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An improper input validation vulnerability in OTRS Survey modules allows any attacker with a link to a valid and unanswered survey request to inject javascript code in free text answers. This allows a cross site scripting attack while reading the replies as authenticated agent.<br><p>This issue affects OTRS Survey module from 7.0.X before 7.0.32, from 8.0.X before 8.0.13 and ((OTRS)) Community Edition Survey module from 6.0.X through 6.0.22.</p>"}], "value": "An improper input validation vulnerability in OTRS Survey modules allows any attacker with a link to a valid and unanswered survey request to inject javascript code in free text answers. This allows a cross site scripting attack while reading the replies as authenticated agent.\nThis issue affects OTRS Survey module from 7.0.X before 7.0.32, from 8.0.X before 8.0.13 and ((OTRS)) Community Edition Survey module from 6.0.X through 6.0.22.\n\n"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "shortName": "OTRS", "dateUpdated": "2023-07-24T08:27:55.315Z"}, "references": [{"url": "https://otrs.com/release-notes/otrs-security-advisory-2023-06/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\nUpdate Survey package to version 8.0.13 or 7.0.32\n<br>"}], "value": "Update Survey package to version 8.0.13 or 7.0.32\n\n"}], "source": {"advisory": "OSA-2023-06", "defect": ["Issue#769", "Ticket#2023020942001367"], "discovery": "EXTERNAL"}, "title": "XSS stored in survey answers", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:30:12.921Z"}, "title": "CVE Program Container", "references": [{"url": "https://otrs.com/release-notes/otrs-security-advisory-2023-06/", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:otrs:survey:*:*:*:*:community:*:*:*", "matchCriteriaId": "2C028891-8D6D-487A-B1A8-F7635C679067", "versionEndIncluding": "6.0.22", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:otrs:survey:*:*:*:*:-:*:*:*", "matchCriteriaId": "1DA2C542-3BDD-4E5C-870B-C9FE32BE6B70", "versionEndExcluding": "7.0.32", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:otrs:survey:*:*:*:*:-:*:*:*", "matchCriteriaId": "223E24C7-C368-4822-9BDF-BF5403113847", "versionEndExcluding": "8.0.13", "versionStartIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An improper input validation vulnerability in OTRS Survey modules allows any attacker with a link to a valid and unanswered survey request to inject javascript code in free text answers. This allows a cross site scripting attack while reading the replies as authenticated agent.\nThis issue affects OTRS Survey module from 7.0.X before 7.0.32, from 8.0.X before 8.0.13 and ((OTRS)) Community Edition Survey module from 6.0.X through 6.0.22.\n\n"}], "id": "CVE-2023-38057", "lastModified": "2023-08-04T18:48:27.357", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 1.4, "source": "security@otrs.com", "type": "Secondary"}]}, "published": "2023-07-24T09:15:09.927", "references": [{"source": "security@otrs.com", "tags": ["Vendor Advisory"], "url": "https://otrs.com/release-notes/otrs-security-advisory-2023-06/"}], "sourceIdentifier": "security@otrs.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@otrs.com", "type": "Secondary"}]}