GHSA-rhm7-7469-rcpw: Persistent Cross-site Scripting in eZ Platform Rich Text Field Type

Impact

The validator for the RichText field type blocklists the javascript: and vbscript: schemes in links to prevent XSS. A blocklist leaves every other dangerous scheme open, and this one was also compared case-sensitively, so a link whose scheme is written as JavaScript: passes the check. Exploitation requires content editing permission for RichText content, which typically means the Editor role or higher; because the link is stored with the content, the payload executes in the browser of anyone who views it (persistent XSS). The fix replaces the blocklist with an allowlist that accepts only approved link protocols, and the new check is case-insensitive.
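To make the difference concrete, the following is an added illustration written for this page. It is not code from ezsystems/ezplatform-richtext and not the project's actual validator; the allowed-scheme list and the sample links are constructed for the demo. It contrasts a case-sensitive blocklist of two schemes with a case-insensitive allowlist that parses the scheme the way a browser would.

```php
<?php
// Added illustration, not code from ezsystems/ezplatform-richtext.
// Contrasts the flawed blocklist approach described in the advisory with a
// case-insensitive allowlist of link schemes. The scheme list is an assumption.
declare(strict_types=1);

// Flawed: only two schemes are rejected, and the comparison is case-sensitive,
// so "JavaScript:alert(1)" or "data:text/html,..." slip straight through.
function blocklistAllowsHref(string $href): bool
{
    foreach (['javascript:', 'vbscript:'] as $blocked) {
        if (str_starts_with($href, $blocked)) {
            return false;
        }
    }
    return true;
}

// Hardened: normalise the way a browser does (drop leading/trailing whitespace
// and any tab/newline/CR, which browsers ignore inside a URL), extract the
// scheme per RFC 3986 (ALPHA *( ALPHA / DIGIT / "+" / "-" / "." )), lower-case
// it and require it to be on the allowlist. A link with no scheme is treated as
// relative and accepted; anything that looks like an unknown scheme is rejected.
// Expects the already-decoded attribute value (entities resolved by the XML parser).
function allowlistAllowsHref(string $href, array $allowedSchemes = ['http', 'https', 'mailto', 'tel']): bool
{
    $normalised = trim(str_replace(["\t", "\n", "\r"], '', $href));
    if (!preg_match('/^([A-Za-z][A-Za-z0-9+.\-]*):/', $normalised, $m)) {
        return true; // no scheme: relative path or fragment link
    }
    return in_array(strtolower($m[1]), $allowedSchemes, true);
}

// Constructed sample hrefs: true = should be accepted, false = should be rejected.
$samples = [
    'https://example.com/page'                 => true,
    '/relative/path#anchor'                    => true,
    'mailto:editor@example.com'                => true,
    'javascript:alert(1)'                      => false,
    'JavaScript:alert(1)'                      => false, // case bypass of the blocklist
    "  java\tscript:alert(1)"                  => false, // whitespace bypass of the blocklist
    'data:text/html,<script>alert(1)</script>' => false, // scheme the blocklist never named
    'vbscript:MsgBox(1)'                       => false,
];

foreach ($samples as $href => $shouldAccept) {
    $blocklist = blocklistAllowsHref($href);
    $allowlist = allowlistAllowsHref($href);
    printf(
        "%-44s blocklist=%-6s allowlist=%-6s %s\n",
        json_encode($href, JSON_UNESCAPED_SLASHES),
        $blocklist ? 'accept' : 'reject',
        $allowlist ? 'accept' : 'reject',
        $allowlist === $shouldAccept ? 'ok' : 'MISMATCH'
    );
}
```

Run with php 8 or later (str_starts_with). The blocklist column accepts the mixed-case, whitespace-padded and data: links; the allowlist column rejects all of them and prints ok on every row. The normalisation step matters: without stripping tabs and newlines, a scheme like "java\tscript" would fail the scheme regex and be treated as a harmless relative link, which is the same class of mistake the blocklist makes.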

Patches

  • Patched versions: 3.3.40 and later (the affected range is >= 3.3.0, < 3.3.40; see the advisory metadata below).
  • Fix commit: https://github.com/ezsystems/ezplatform-richtext/commit/6131975108fa9756e17043e7a06a4e72f786f842
  • Follow-up commits:
    https://github.com/ezsystems/ezplatform-richtext/commit/8b75c603dfd1ad6f6f3db15ae2324876683cbaf9
    https://github.com/ezsystems/ezplatform-richtext/commit/7bbc6d024c6146d1e1ba84d27a3ebffe9459613e
    https://github.com/ezsystems/ezplatform-richtext/commit/2c652915625c47b493a2be06924f4c87d1df7d8e
    https://github.com/ezsystems/ezplatform-richtext/commit/dbe816f3ff4c903cc508dfdcdca8791c8284d292

Workarounds

None.

References

  • Same issue in v4.6: https://github.com/ibexa/fieldtype-richtext/security/advisories/GHSA-hvcf-6324-cjh7
  • Ibexa advisory: https://developers.ibexa.co/security-advisories/ibexa-sa-2024-005-persistent-xss-in-richtext

Credit

This vulnerability was discovered and reported to Ibexa by Alec Romano (https://github.com/4rdr). We thank them for reporting it responsibly to us.

How to report security issues: https://doc.ibexa.co/en/latest/infrastructure_and_maintenance/security/reporting_issues/



Advisory metadata (GitHub Advisory Database, GitHub Reviewed)

Package: ezsystems/ezplatform-richtext (Composer)
Affected versions: >= 3.3.0, < 3.3.40
Published to the GitHub Advisory Database: Aug 14, 2024
Last updated: Aug 14, 2024
GHSA ID: GHSA-rhm7-7469-rcpw
