CVE-2022-35950 OroCommerce Cross-site Scripting vulnerability in add note dialog of Shopping List line item

2023-10-0913:06:50

CWE-79

GitHub_M

www.cve.org

orocommerce

cross-site scripting

add note dialog

shopping list

vulnerability

product name

storefront

admin area

security fix

CVSS3

6.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N

EPSS

0.001

Percentile

18.6%

JSON

OroCommerce is an open-source Business to Business Commerce application. In versions 4.1.0 through 4.1.13, 4.2.0 through 4.2.10, 5.0.0 prior to 5.0.11, and 5.1.0 prior to 5.1.1, the JS payload added to the product name may be executed at the storefront when adding a note to the shopping list line item containing a vulnerable product. An attacker should be able to edit a product in the admin area and force a user to add this product to Shopping List and click add a note for it. Versions 5.0.11 and 5.1.1 contain a fix for this issue.

CNA Affected

[
  {
    "vendor": "oroinc",
    "product": "orocommerce",
    "versions": [
      {
        "version": ">= 4.1.0, <= 4.1.13",
        "status": "affected"
      },
      {
        "version": ">= 4.2.0, <= 4.2.10",
        "status": "affected"
      },
      {
        "version": ">= 5.0.0, < 5.0.11",
        "status": "affected"
      },
      {
        "version": ">= 5.1.0, < 5.1.1",
        "status": "affected"
      }
    ]
  }
]