Skip to main content

Zope CVE-2023-42458

MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2023-09-21 security-advisories@github.com
5.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Sep 21, 2023 - 17:15 nvd
MEDIUM 5.4

DescriptionNVD

Zope is an open-source web application server. Prior to versions 4.8.10 and 5.8.5, there is a stored cross site scripting vulnerability for SVG images. Note that an image tag with an SVG image as source is never vulnerable, even when the SVG image contains malicious code. To exploit the vulnerability, an attacker would first need to upload an image, and then trick a user into following a specially crafted link. Patches are available in Zope 4.8.10 and 5.8.5. As a workaround, make sure the "Add Documents, Images, and Files" permission is only assigned to trusted roles. By default, only the Manager has this permission.

AnalysisAI

Zope is an open-source web application server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Technical ContextAI

This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. Zope is an open-source web application server. Prior to versions 4.8.10 and 5.8.5, there is a stored cross site scripting vulnerability for SVG images. Note that an image tag with an SVG image as source is never vulnerable, even when the SVG image contains malicious code. To exploit the vulnerability, an attacker would first need to upload an image, and then trick a user into following a specially crafted link. Patches are available in Zope 4.8.10 and 5.8.5. As a workaround, make sure the "Add Documents, Images, and Files" permission is only assigned to trusted roles. By default, only the Manager has this permission. Affected products include: Zope.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.

More in Zope

View all
CVE-2021-32633 HIGH POC
8.8 May 21

Zope is an open-source web application server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitabl

CVE-2012-6661 MEDIUM POC
5.0 Nov 03

Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number gener

CVE-2021-32674 HIGH
8.8 Jun 08

Zope is an open-source web application server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitabl

CVE-2023-41050 HIGH
7.7 Sep 06

AccessControl provides a general security framework for use in Zope. Rated high severity (CVSS 7.7), this vulnerability

CVE-2021-32811 HIGH
7.2 Aug 02

Zope is an open-source web application server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitabl

CVE-2012-5489 MEDIUM
6.5 Sep 30

The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13.x before 2.13.11, as used in P

CVE-2012-5486 MEDIUM
6.4 Sep 30

ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attacker

CVE-2021-33507 MEDIUM
6.1 May 21

Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and ot

CVE-2023-44389 MEDIUM
4.8 Oct 04

Zope is an open-source web application server. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploita

CVE-2012-5507 MEDIUM
4.3 Sep 30

AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote

Share

CVE-2023-42458 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy