Lucene search

GitHub Advisory DatabaseGHSA-HWQ7-5VV9-C6CF

HistorySep 16, 2022 - 12:00 a.m.

Smarty Cross-site Scripting vulnerability in pages that use smarty_function_mailto

2022-09-1600:00:39

CWE-79

GitHub Advisory Database

github.com

smarty

cross-site scripting

vulnerability

function.mailto.php

web page

parameterized

javascript code

input parameters

software

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.002

Percentile

54.2%

JSON

In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows cross-site scripting. A web page that uses smarty_function_mailto, and that could be parameterized using GET or POST input parameters, could allow injection of JavaScript code by a user.

Affected configurations

Vulners

Node

smartysmartyRange4.0.0–4.2.1

smartysmartyRange<3.1.47

VendorProductVersionCPE
smartysmarty*cpe:2.3:a:smarty:smarty:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
smarty	smarty	*	cpe:2.3:a:smarty:smarty::::::::

References

bugs.gentoo.org/870100

github.com/advisories/GHSA-hwq7-5vv9-c6cf

github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2018-25047.yaml

github.com/smarty-php/smarty/commit/55ea25d1f50f0406fb1ccedd212c527977793fc9

github.com/smarty-php/smarty/issues/454

github.com/smarty-php/smarty/releases/tag/v3.1.47

github.com/smarty-php/smarty/releases/tag/v4.2.1

lists.debian.org/debian-lts-announce/2023/01/msg00002.html

nvd.nist.gov/vuln/detail/CVE-2018-25047

security.gentoo.org/glsa/202209-09