GHSA-C6CW-G7FC-4GWC

Vulnerability from github – Published: 2024-10-07 14:55 – Updated: 2024-10-08 14:18
Summary
Lara-zeus Dynamic Dashboard and Artemis do not validate paragraph widget values which can be used for XSS
Details

Summary

If a value passed to a paragraph widget is not validated and contains a specific set of characters, the application is vulnerable to an XSS attack against any user who opens a page on which that paragraph widget is rendered.

Dynamic Dashboard v3.0.0 through v3.0.1 and Artemis v1.0.0 through v1.0.6 are affected.

Please upgrade to Dynamic Dashboard v3.0.2 and Artemis v1.0.7.

PoC

PoC will be published in a few weeks, once developers have had a chance to upgrade their apps.

Response

This vulnerability (in the paragraph widget only) was reported by Raghav Sharma, who also patched it during the morning of 05/10/2024. Thank you Raghav Sharma.

A review that concluded the same night confirmed the issue in the paragraph widget. It was fixed the same day, and dynamic dashboard v3.0.2 followed.

Note:

If you have published the package's views (Blade files), you must republish them, or apply the changes from the release to the affected file yourself, otherwise your application keeps rendering the old, vulnerable template.
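The advisory does not say how the paragraph value reaches the page, so the following is an added example (not code from the advisory or from the lara-zeus projects) that assumes the usual mechanism for this class of bug: a widget value echoed into a Blade view without escaping. It shows a paragraph value containing markup rendered raw versus escaped the way Blade's `{{ }}` does, and a small audit of a view file for raw `{!! !!}` echoes, which is the check the Note above calls for on published views. The Blade snippet, the `$widget->content` property and the file layout are constructed for the example and are not the package's own.

```python
import html
import re

# Constructed Blade snippet standing in for a published (vendor) view that
# still echoes widget content unescaped. It is NOT the package's own template.
CONSTRUCTED_VIEW = """\
<div class="widget">
    <h2>{{ $widget->title }}</h2>
    {!! $widget->content !!}
    <span>{{ $widget->author }}</span>
</div>
"""

# Blade's raw echo directive: {!! expression !!}. The escaped form is {{ ... }}.
UNESCAPED_ECHO = re.compile(r"\{!!\s*(.*?)\s*!!\}", re.DOTALL)


def find_unescaped_echos(blade_source: str) -> list[tuple[int, str]]:
    """Return (line_number, expression) for every {!! ... !!} echo in a view.

    Any raw echo of a value an editor can set (a paragraph widget's text, for
    instance) is a candidate stored-XSS sink and should be reviewed or changed
    to {{ ... }}.
    """
    hits = []
    for m in UNESCAPED_ECHO.finditer(blade_source):
        line_no = blade_source.count("\n", 0, m.start()) + 1
        hits.append((line_no, m.group(1)))
    return hits


def escape_like_blade(value: str) -> str:
    """Approximate Blade's {{ }} (htmlspecialchars with ENT_QUOTES).

    PHP encodes the single quote as &#039; where Python uses &#x27;; both are
    inert inside HTML, so the protection is the same.
    """
    return html.escape(value, quote=True)


def render_paragraph(value: str, escaped: bool) -> str:
    """Render a paragraph value the vulnerable way (raw) or the safe way."""
    body = escape_like_blade(value) if escaped else value
    return f"<p>{body}</p>"


if __name__ == "__main__":
    # Constructed payload: a paragraph value that carries an event handler.
    payload = '<img src=x onerror="alert(document.cookie)">'
    print(render_paragraph(payload, escaped=False))  # markup reaches the DOM
    print(render_paragraph(payload, escaped=True))   # rendered as text only
    for line_no, expr in find_unescaped_echos(CONSTRUCTED_VIEW):
        print(f"line {line_no}: unescaped echo of {expr}")
```

To run the audit against a real application, feed `find_unescaped_echos` the contents of each published view under `resources/views/vendor/`, and confirm the installed package version with `composer show lara-zeus/dynamic-dashboard` (and the same for `lara-zeus/artemis`), since a republished view on top of an unpatched package, or the reverse, leaves the issue open.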


{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.0.1"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "lara-zeus/dynamic-dashboard"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "3.0.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.0.6"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "lara-zeus/artemis"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.0.0"
            },
            {
              "fixed": "1.0.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-47817"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-10-07T14:55:30Z",
    "nvd_published_at": "2024-10-07T22:15:03Z",
    "severity": "MODERATE"
  },
  "details": "# Summary\nIf values passed to a paragraph widget are not valid and contain a specific set of characters, applications are vulnerable to XSS attack against a user who opens a page on which a paragraph widget is rendered.\n\nVersions of dynamic dashboard from v3.0.0 through v3.0.2 are affected.\n\nPlease upgrade to dynamic dashboard [v3.0.2](https://github.com/lara-zeus/dynamic-dashboard/releases/tag/v3.0.2).\n\n# PoC\n\u003ePoC will be published in a few weeks, once developers have had a chance to upgrade their apps.\n\n# Response\nThis vulnerability (in paragraph widget only) was reported by **Raghav Sharma**, who reported the issue and patched the issue during the morning of 05/10/2024. Thank you **Raghav Sharma**.\n\nThe review process concluded the same day at night, which revealed the issue was also present in paragraph widget. This was fixed the same day and dynamic dashboard [v3.0.2](https://github.com/lara-zeus/dynamic-dashboard/releases/tag/v3.0.2) followed.\n\n## Note:\nif you\u0027re published the view (blade files), you have to republish them or check the changes on release to update the affected file.\n",
  "id": "GHSA-c6cw-g7fc-4gwc",
  "modified": "2024-10-08T14:18:39Z",
  "published": "2024-10-07T14:55:30Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/lara-zeus/dynamic-dashboard/security/advisories/GHSA-c6cw-g7fc-4gwc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47817"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lara-zeus/artemis/commit/3a3f9dd8a706af569c5581b20dcfeff91a43b9d9"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lara-zeus/artemis/commit/4636f58628d20d3e78ea8514406bd7da94997f2c"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lara-zeus/dynamic-dashboard/commit/adfb4b1cdfdaa01299631f0e569ce201a7cc545a"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/lara-zeus/dynamic-dashboard"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Lara-zeus Dynamic Dashboard and Artemis do not validate paragraph widget values which can be used for XSS"
}

