{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-41167", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-02T18:54:04.428Z", "dateReserved": "2023-08-24T00:00:00", "datePublished": "2023-08-25T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-08-25T13:43:24.851992"}, "descriptions": [{"lang": "en", "value": "@webiny/react-rich-text-renderer before 5.37.2 allows XSS attacks by content managers. This is a react component to render data coming from Webiny Headless CMS and Webiny Form Builder. Webiny is an open-source serverless enterprise CMS. The @webiny/react-rich-text-renderer package depends on the editor.js rich text editor to handle rich text content. The CMS stores rich text content from the editor.js into the database. When the @webiny/react-rich-text-renderer is used to render such content, it uses the dangerouslySetInnerHTML prop, without applying HTML sanitization. The issue arises when an actor, who in this context would specifically be a content manager with access to the CMS, inserts a malicious script as part of the user-defined input. This script is then injected and executed within the user's browser when the main page or admin page loads."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://webiny.com"}, {"url": "https://github.com/webiny/webiny-js/security/advisories/GHSA-3x59-vrmc-5mx6"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:54:04.428Z"}, "title": "CVE Program Container", "references": [{"url": "https://webiny.com", "tags": ["x_transferred"]}, {"url": "https://github.com/webiny/webiny-js/security/advisories/GHSA-3x59-vrmc-5mx6", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webiny:webiny:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "DE1F8F81-5632-48C7-A936-6DFD054D1D37", "versionEndExcluding": "5.37.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "@webiny/react-rich-text-renderer before 5.37.2 allows XSS attacks by content managers. This is a react component to render data coming from Webiny Headless CMS and Webiny Form Builder. Webiny is an open-source serverless enterprise CMS. The @webiny/react-rich-text-renderer package depends on the editor.js rich text editor to handle rich text content. The CMS stores rich text content from the editor.js into the database. When the @webiny/react-rich-text-renderer is used to render such content, it uses the dangerouslySetInnerHTML prop, without applying HTML sanitization. The issue arises when an actor, who in this context would specifically be a content manager with access to the CMS, inserts a malicious script as part of the user-defined input. This script is then injected and executed within the user's browser when the main page or admin page loads."}, {"lang": "es", "value": "@webiny/react-rich-text-renderer antes de 5.37.2 permite ataques Cross-Site Scripting (XSS) por parte de gestores de contenido. Se trata de un componente react para renderizar datos procedentes de Webiny Headless CMS y Webiny Form Builder. Webiny es un CMS empresarial sin servidor de c\u00f3digo abierto. El paquete @webiny/react-rich-text-renderer depende del editor de texto enriquecido editor.js para manejar contenido de texto enriquecido. El CMS almacena el contenido de texto enriquecido del editor.js en la base de datos. Cuando el @webiny/react-rich-text-renderer se utiliza para renderizar dicho contenido, utiliza la prop peligrosamenteSetInnerHTML, sin aplicar la limpieza HTML. El problema surge cuando un actor, que en este contexto ser\u00eda espec\u00edficamente un gestor de contenidos con acceso al CMS, inserta un script malicioso como parte de la entrada definida por el usuario. Este script se inyecta y ejecuta en el navegador del usuario cuando se carga la p\u00e1gina principal o la p\u00e1gina de administraci\u00f3n."}], "id": "CVE-2023-41167", "lastModified": "2023-08-31T16:42:22.000", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-25T14:15:10.150", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://github.com/webiny/webiny-js/security/advisories/GHSA-3x59-vrmc-5mx6"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://webiny.com"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}