Headline
CVE-2023-28106: optimized urlslug input (#14669) · pimcore/pimcore@c59d0bf
Pimcore is an open source data and experience management platform. Prior to version 10.5.19, an attacker can use cross-site scripting to send a malicious script to an unsuspecting user. Users may upgrade to version 10.5.19 to receive a patch or, as a workaround, apply the patch manually.
@@ -224,7 +224,7 @@ pimcore.document.pages.settings = Class.create(pimcore.document.settings_abstrac
method: "POST",
params: {
id: this.document.id,
path: el.getValue()
path: pimcore.helpers.sanitizeUrlSlug(el.getValue())
},
success: function (res) {
res = Ext.decode(res.responseText);
@@ -238,6 +238,10 @@ pimcore.document.pages.settings = Class.create(pimcore.document.settings_abstrac
}
}
});
}.bind(this),
"change": function (el) {
const sanitizedValue = pimcore.helpers.sanitizeUrlSlug(el.getValue());
el.setValue(sanitizedValue);
}.bind(this)
}
}
Related news
### Impact An attacker can use XSS to send a malicious script to an unsuspecting user. ### Patches Update to version 10.5.19 or apply this patch manually https://github.com/pimcore/pimcore/pull/14669.patch ### Workarounds Apply https://github.com/pimcore/pimcore/pull/14669.patch manually. ### References https://huntr.dev/bounties/fa77d780-9b23-404b-8c44-12108881d11a