Vulnerabilidad en Discourse (CVE-2023-22468)

Gravedad CVSS v3.1:

MEDIA

Tipo:

CWE-79 Neutralización incorrecta de la entrada durante la generación de la página web (Cross-site Scripting)

Fecha de publicación:

26/01/2023

Última modificación:

07/11/2023

Descripción

*** Pendiente de traducción *** Discourse is an open source platform for community discussion. Versions prior to 2.8.13 (stable), 3.0.0.beta16 (beta) and 3.0.0beta16 (tests-passed), are vulnerable to cross-site Scripting. A maliciously crafted URL can be included in a post to carry out cross-site scripting attacks on sites with disabled or overly permissive CSP (Content Security Policy). Discourse&#39;s default CSP prevents this vulnerability. This vulnerability is patched in versions 2.8.13 (stable), 3.0.0.beta16 (beta) and 3.0.0beta16 (tests-passed). As a workaround, enable and/or restore your site&#39;s CSP to the default one provided with Discourse.

Impacto

Vector 3.x

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS v3.1 Severidad y Métricas:

Puntuación base: 5.40 MEDIA
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Vector de acceso (AV): A través de red
Complejidad de acceso (AC): Bajo
Privilegios Requeridos (PR): Bajo
Interacción del usuario (UI): Obligatorio
Alcance (S): Modificado
Impacto a la confidencialidad (C): Bajo
Impacto a la integridad (I): Bajo
Impacto a la disponibilidad (A): Ninguno

Puntuación base 3.x

5.40

Gravedad 3.x

MEDIA

Productos y versiones vulnerables

CPE	Desde	Hasta
cpe:2.3:a:discourse:discourse::::::::		2.8.13 (excluyendo)
cpe:2.3:a:discourse:discourse:2.9.0:beta1:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta10:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta11:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta12:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta13:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta14:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta2:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta3:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta4:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta5:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta6:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta7:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta8:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta9:::beta:::*

Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página

Referencias a soluciones, herramientas e información

https://github.com/discourse/discourse/security/advisories/GHSA-8mr2-xf8r-wr8m

CPE	Desde	Hasta
cpe:2.3:a:discourse:discourse::::::::		2.8.13 (excluyendo)
cpe:2.3:a:discourse:discourse:2.9.0:beta1:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta10:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta11:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta12:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta13:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta14:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta2:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta3:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta4:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta5:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta6:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta7:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta8:::beta:::*
cpe:2.3:a:discourse:discourse:2.9.0:beta9:::beta:::*