GHSA-vxq2-p937-3px3: Pinned entity creation form shows wrong data

Impact

A logged-in user can access the page state data of other users' pinned pages by supplying the pageId hash.

Patch

--- src/Oro/Bundle/NavigationBundle/Controller/Api/PagestateController.php
+++ src/Oro/Bundle/NavigationBundle/Controller/Api/PagestateController.php
@@ -158,6 +158,13 @@
             AbstractPageState::generateHash($this->get('request_stack')->getCurrentRequest()->get('pageId'))
         );
 
+        if ($entity) {
+            $entity = $this->getEntity($entity->getId());
+        }
+        if (!$entity) {
+            return $this->handleNotFound();
+        }
+
         return $this->handleView($this->view($this->getState($entity), Response::HTTP_OK));
     }
 
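Review bot: the re-fetch `$entity = $this->getEntity($entity->getId());` reads as a no-op unless `getEntity()` is the call that applies the current user's ownership/ACL check to the state that was just found by hash; a one-line comment on that line saying so would make the intent of the fix clear to the next reader. Returning `handleNotFound()` for both the missing and the not-accessible case is the right choice here, since a distinct 403 would confirm that a state exists for a guessed pageId hash.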
CVE: CVE-2023-45824

Moderate severity GitHub Reviewed Published Mar 25, 2024 in oroinc/platform • Updated Mar 25, 2024

Package

Affected versions

  • >= 5.1.0, <= 5.1.3
  • >= 5.0.0, <= 5.0.12
  • >= 4.2.0, <= 4.2.10


References

  • GHSA-vxq2-p937-3px3
  • oroinc/platform@cf94df7

Published to the GitHub Advisory Database: Mar 25, 2024

Last updated: Mar 25, 2024
