
    30 vulnerabilities by sulu

    CVE-2026-45701 (GCVE-0-2026-45701)

    Vulnerability from nvd – Published: 2026-06-01 16:09 – Updated: 2026-06-01 19:07
    VLAI
    Title
    Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset token and API key generation use a weak cryptographic hash algorithm. This issue has been patched in versions 2.6.23 and 3.0.6.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    Impacted products
    Vendor Product Version
    sulu sulu Affected: < 2.6.23
    Affected: >= 3.0.0-alpha1, < 3.0.6

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45701",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T19:07:06.813610Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T19:07:13.574Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.6.23"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 3.0.0-alpha1, \u003c 3.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset tokenand API key generation uses a weak cryptographical hash algorithm. This issue has been patched in versions 2.6.23 and 3.0.6."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T16:09:21.477Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-7fv8-6pp7-6h85",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-7fv8-6pp7-6h85"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/2.6.23",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/2.6.23"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/3.0.6",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/3.0.6"
            }
          ],
          "source": {
            "advisory": "GHSA-7fv8-6pp7-6h85",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-45701",
        "datePublished": "2026-06-01T16:09:21.477Z",
        "dateReserved": "2026-05-13T04:38:01.165Z",
        "dateUpdated": "2026-06-01T19:07:13.574Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-34372 (GCVE-0-2026-34372)

    Vulnerability from nvd – Published: 2026-03-31 20:19 – Updated: 2026-03-31 20:29
    VLAI
    Title
    Sulu checks fix permissions for subentities endpoints
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. From version 1.0.0 to before 2.6.22, and from 3.0.0 to before 3.0.5, a user who has permission for the Sulu Admin via at least one role could access the sub-entities of contacts through the admin API without having permission for contacts themselves. This issue has been patched in versions 2.6.22 and 3.0.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    Assigner
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 1.0.0, < 2.6.22
    Affected: >= 3.0.0, < 3.0.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-34372",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-31T20:29:06.573205Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-31T20:29:14.584Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 2.6.22"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 3.0.0, \u003c 3.0.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. From versions 1.0.0 to before 2.6.22, and 3.0.0 to before 3.0.5, a user which has permission for the Sulu Admin via at least one role could have access to the sub-entities of contacts via the admin API without even have permission for contacts. This issue has been patched in versions 2.6.22 and 3.0.5."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-31T20:19:32.601Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-6h7h-m7p5-hjqp",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-6h7h-m7p5-hjqp"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/2.6.22",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/2.6.22"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/3.0.5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/3.0.5"
            }
          ],
          "source": {
            "advisory": "GHSA-6h7h-m7p5-hjqp",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu checks fix permissions for subentities endpoints"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-34372",
        "datePublished": "2026-03-31T20:19:32.601Z",
        "dateReserved": "2026-03-27T13:43:14.369Z",
        "dateUpdated": "2026-03-31T20:29:14.584Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-47778 (GCVE-0-2025-47778)

    Vulnerability from nvd – Published: 2025-05-14 15:29 – Updated: 2025-05-14 18:13
    VLAI
    Title
    Sulu vulnerable to XXE in SVG File upload Inspector
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. Starting in versions 2.5.21, 2.6.5, and 3.0.0-alpha1, an admin user can upload an SVG file that may load external data via the XML DOM library. This can be used for insecure XML External Entity (XXE) references. The problem has been patched in versions 2.6.9, 2.5.25, and 3.0.0-alpha3. As a workaround, one may patch the affected file `src/Sulu/Bundle/MediaBundle/FileInspector/SvgFileInspector.php` manually.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-611 - Improper Restriction of XML External Entity Reference
    Assigner
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.5.21, < 2.5.25
    Affected: >= 2.6.5, < 2.6.9
    Affected: >= 3.0.0-alpha1, < 3.0.0-alpha3

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47778",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-14T18:13:08.671516Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-14T18:13:14.564Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.5.21, \u003c 2.5.25"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.6.5, \u003c 2.6.9"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 3.0.0-alpha1, \u003c 3.0.0-alpha3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. Starting in versions 2.5.21, 2.6.5, and 3.0.0-alpha1, an admin user can upload SVG which may load external data via XML DOM library. This can be used for insecure XML External Entity References. The problem has been patched in versions 2.6.9, 2.5.25, and 3.0.0-alpha3. As a workaround, one may patch the effect file `src/Sulu/Bundle/MediaBundle/FileInspector/SvgFileInspector.php` manually."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-611",
                  "description": "CWE-611: Improper Restriction of XML External Entity Reference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-14T15:29:08.187Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-f6rx-hf55-4255",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-f6rx-hf55-4255"
            },
            {
              "name": "https://github.com/sulu/sulu/commit/02f52fca04eb9495b9b4a0c5cc64cf23bc27f544",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/02f52fca04eb9495b9b4a0c5cc64cf23bc27f544"
            },
            {
              "name": "https://github.com/sulu/sulu/blob/2.6/src/Sulu/Bundle/MediaBundle/FileInspector/SvgFileInspector.php",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/blob/2.6/src/Sulu/Bundle/MediaBundle/FileInspector/SvgFileInspector.php"
            }
          ],
          "source": {
            "advisory": "GHSA-f6rx-hf55-4255",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu vulnerable to XXE in SVG File upload Inspector"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-47778",
        "datePublished": "2025-05-14T15:29:08.187Z",
        "dateReserved": "2025-05-09T19:49:35.620Z",
        "dateUpdated": "2025-05-14T18:13:14.564Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47617 (GCVE-0-2024-47617)

    Vulnerability from nvd – Published: 2024-10-03 14:24 – Updated: 2024-10-08 13:33
    VLAI
    Title
    Reflected XSS Vulnerability in Sulu Media Bundle
    Summary
    Sulu is a PHP content management system. This vulnerability allows an attacker to inject arbitrary HTML/JavaScript code through the media download URL in Sulu CMS. It affects the SuluMediaBundle component. The vulnerability is a Reflected Cross-Site Scripting (XSS) issue, which could potentially allow attackers to steal sensitive information, manipulate the website's content, or perform actions on behalf of the victim. This vulnerability is fixed in 2.6.5 and 2.5.21.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.6.4, < 2.6.5
    Affected: >= 2.5.20, < 2.5.21

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47617",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-03T14:38:49.459437Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-08T13:33:43.219Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.6.4, \u003c 2.6.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.5.20, \u003c 2.5.21"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is a PHP content management system. This vulnerability allows an attacker to inject arbitrary HTML/JavaScript code through the media download URL in Sulu CMS. It affects the SuluMediaBundle component. The vulnerability is a Reflected Cross-Site Scripting (XSS) issue, which could potentially allow attackers to steal sensitive information, manipulate the website\u0027s content, or perform actions on behalf of the victim. This vulnerability is fixed in 2.6.5 and 2.5.21."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-03T14:24:44.300Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-6784-9c82-vr85",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-6784-9c82-vr85"
            },
            {
              "name": "https://github.com/sulu/sulu/commit/a5a5ae555d282e88ff8559d38cfb46dea7939bda",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/a5a5ae555d282e88ff8559d38cfb46dea7939bda"
            },
            {
              "name": "https://github.com/sulu/sulu/commit/eeacd14b6cf55f710084788140d40ebb00314b29",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/eeacd14b6cf55f710084788140d40ebb00314b29"
            }
          ],
          "source": {
            "advisory": "GHSA-6784-9c82-vr85",
            "discovery": "UNKNOWN"
          },
          "title": "Reflected XSS Vulnerability in Sulu Media Bundle"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-47617",
        "datePublished": "2024-10-03T14:24:44.300Z",
        "dateReserved": "2024-09-27T20:37:22.121Z",
        "dateUpdated": "2024-10-08T13:33:43.219Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47618 (GCVE-0-2024-47618)

    Vulnerability from nvd – Published: 2024-10-03 14:18 – Updated: 2024-10-18 14:42
    VLAI
    Title
    Sulu vulnerable to XSS via uploaded SVG
    Summary
    Sulu is a PHP content management system. Sulu is vulnerable to XSS: a low-privileged user with access to the “Media” section can upload an SVG file containing a malicious payload. Once uploaded and accessed, the malicious JavaScript is executed in the browsers of the victims (other users, including admins). This issue is fixed in 2.6.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.0.0-RC1, < 2.5.21
    Affected: >= 2.6.0-RC1, < 2.6.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47618",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-08T13:20:32.450553Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-08T13:34:22.787Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0-RC1, \u003c 2.5.21"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.6.0-RC1, \u003c 2.6.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is a PHP content management system. Sulu is vulnerable against XSS whereas a low privileged user with access to the \u201cMedia\u201d section can upload an SVG file with a malicious payload. Once uploaded and accessed, the malicious javascript will be executed on the victims\u2019 (other users including admins) browsers. This issue is fixed in 2.6.5."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-18T14:42:45.592Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-255w-87rh-rg44",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-255w-87rh-rg44"
            },
            {
              "name": "https://github.com/sulu/sulu/commit/ca72f75eebe41ea7726624d8aea7da6c425f1eb9",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/ca72f75eebe41ea7726624d8aea7da6c425f1eb9"
            }
          ],
          "source": {
            "advisory": "GHSA-255w-87rh-rg44",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu vulnerable to XSS via uploaded SVG"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-47618",
        "datePublished": "2024-10-03T14:18:02.129Z",
        "dateReserved": "2024-09-27T20:37:22.121Z",
        "dateUpdated": "2024-10-18T14:42:45.592Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-37156 (GCVE-0-2024-37156)

    Vulnerability from nvd – Published: 2024-06-06 16:03 – Updated: 2024-08-02 03:50
    VLAI
    Title
    TokenController formName not sanitized in hidden input
    Summary
    The SuluFormBundle adds support for creating dynamic forms in Sulu Admin. The TokenController's GET parameter formName is not sanitized in the returned input field, which leads to XSS. This vulnerability is fixed in 2.5.3.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu SuluFormBundle Affected: >=2.0.0, < 2.5.3

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-37156",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-19T12:57:53.699448Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-19T20:48:56.217Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:50:54.830Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/sulu/SuluFormBundle/security/advisories/GHSA-rrvc-c7xg-7cf3",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/SuluFormBundle/security/advisories/GHSA-rrvc-c7xg-7cf3"
              },
              {
                "name": "https://github.com/sulu/SuluFormBundle/commit/3f341b71a7309cbc8fd2c5bff894c654d1679b17",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/SuluFormBundle/commit/3f341b71a7309cbc8fd2c5bff894c654d1679b17"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SuluFormBundle",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e=2.0.0, \u003c 2.5.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The SuluFormBundle adds support for creating dynamic forms in Sulu Admin. The TokenController GET parameter `formName` is not sanitized in the returned input field, which leads to XSS. This vulnerability is fixed in 2.5.3."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-06T16:03:46.771Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/SuluFormBundle/security/advisories/GHSA-rrvc-c7xg-7cf3",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/SuluFormBundle/security/advisories/GHSA-rrvc-c7xg-7cf3"
            },
            {
              "name": "https://github.com/sulu/SuluFormBundle/commit/3f341b71a7309cbc8fd2c5bff894c654d1679b17",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/SuluFormBundle/commit/3f341b71a7309cbc8fd2c5bff894c654d1679b17"
            }
          ],
          "source": {
            "advisory": "GHSA-rrvc-c7xg-7cf3",
            "discovery": "UNKNOWN"
          },
          "title": "TokenController formName not sanitized in hidden input"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-37156",
        "datePublished": "2024-06-06T16:03:46.771Z",
        "dateReserved": "2024-06-03T17:29:38.329Z",
        "dateUpdated": "2024-08-02T03:50:54.830Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-27915 (GCVE-0-2024-27915)

    Vulnerability from nvd – Published: 2024-03-06 19:33 – Updated: 2025-04-16 15:54
    Title
    Sulu grants access to pages regardless of role permissions
    Summary
    Sulu is a PHP content management system. Starting in version 2.2.0 and prior to versions 2.4.17 and 2.5.13, access to pages is granted regardless of role permissions for webspaces that have a security system configured and the permission check enabled. Webspaces without this configuration are not affected. The problem is patched in versions 2.4.17 and 2.5.13. Some workarounds are available: one may apply the patch to `vendor/symfony/security-http/HttpUtils.php` manually, or avoid installing `symfony/security-http` versions greater than or equal to `v5.4.30` or `v6.3.6`.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.2.0, < 2.4.17
    Affected: >= 2.5.0-alpha1, < 2.5.13
    sulu sulu Affected: 2.2.0 , < 2.4.17 (custom)
    Affected: 2.5.0-alpha1 , < 2.5.13 (custom)
        cpe:2.3:a:sulu:sulu:*:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:sulu:sulu:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sulu",
                "vendor": "sulu",
                "versions": [
                  {
                    "lessThan": "2.4.17",
                    "status": "affected",
                    "version": "2.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "2.5.13",
                    "status": "affected",
                    "version": "2.5.0-alpha1",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-27915",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-07T16:35:44.612681Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T15:54:40.497Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T00:41:55.581Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p"
              },
              {
                "name": "https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.2.0, \u003c 2.4.17"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.5.0-alpha1, \u003c 2.5.13"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is a PHP content management system. Starting in version 2.2.0 and prior to versions 2.4.17 and 2.5.13, access to pages is granted regardless of role permissions for webspaces that have a security system configured and the permission check enabled. Webspaces without this configuration are not affected. The problem is patched in versions 2.4.17 and 2.5.13. Some workarounds are available: one may apply the patch to `vendor/symfony/security-http/HttpUtils.php` manually, or avoid installing `symfony/security-http` versions greater than or equal to `v5.4.30` or `v6.3.6`."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863: Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-06T19:33:11.798Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p"
            },
            {
              "name": "https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da"
            }
          ],
          "source": {
            "advisory": "GHSA-jr83-m233-gg6p",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu grants access to pages regardless of role permissions"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-27915",
        "datePublished": "2024-03-06T19:33:11.798Z",
        "dateReserved": "2024-02-28T15:14:14.213Z",
        "dateUpdated": "2025-04-16T15:54:40.497Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-24807 (GCVE-0-2024-24807)

    Vulnerability from nvd – Published: 2024-02-05 20:09 – Updated: 2024-08-01 23:28
    Title
    Sulu is vulnerable to HTML Injection via Autocomplete Suggestion
    Summary
    Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. HTML entered into a tag name is not neutralized and is rendered when the tag name is listed in the autocomplete form. Only admin users can create tags, so they are the only ones affected. The problem is patched in versions 2.4.16 and 2.5.12.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.0.0, < 2.4.16
    Affected: >= 2.5.0, < 2.5.12
    sulu sulu Affected: -
        cpe:2.3:a:sulu:sulu:-:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:sulu:sulu:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sulu",
                "vendor": "sulu",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:sulu:sulu:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sulu",
                "vendor": "sulu",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-24807",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-06T19:25:07.228689Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:43:18.721Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:28:12.885Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/sulu/sulu/security/advisories/GHSA-gfrh-gwqc-63cv",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-gfrh-gwqc-63cv"
              },
              {
                "name": "https://github.com/sulu/sulu/releases/tag/2.4.16",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/releases/tag/2.4.16"
              },
              {
                "name": "https://github.com/sulu/sulu/releases/tag/2.5.12",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/releases/tag/2.5.12"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0, \u003c 2.4.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.5.0, \u003c 2.5.12"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. HTML entered into a tag name is not neutralized and is rendered when the tag name is listed in the autocomplete form. Only admin users can create tags, so they are the only ones affected. The problem is patched in versions 2.4.16 and 2.5.12."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-05T20:09:36.891Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-gfrh-gwqc-63cv",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-gfrh-gwqc-63cv"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/2.4.16",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/2.4.16"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/2.5.12",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/2.5.12"
            }
          ],
          "source": {
            "advisory": "GHSA-gfrh-gwqc-63cv",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu is vulnerable to HTML Injection via Autocomplete Suggestion"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-24807",
        "datePublished": "2024-02-05T20:09:36.891Z",
        "dateReserved": "2024-01-31T16:28:17.941Z",
        "dateUpdated": "2024-08-01T23:28:12.885Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39343 (GCVE-0-2023-39343)

    Vulnerability from nvd – Published: 2023-08-04 00:06 – Updated: 2024-10-03 18:21
    Title
    Sulu Observable Response Discrepancy on Admin Login
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. The Admin Login form allows an attacker to detect which users (username, email) exist and which do not. Sulu installations not using the old Symfony 5.4 security system, and earlier versions, are not affected by this security issue. The vulnerability has been patched in version 2.5.10.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-204 - Observable Response Discrepancy
    Assigner
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.5.0, < 2.5.10

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:02:06.889Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/sulu/sulu/security/advisories/GHSA-wmwf-49vv-p3mr",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-wmwf-49vv-p3mr"
              },
              {
                "name": "https://github.com/sulu/sulu/commit/5f6c98ba030b2005793e2dc647cc938937ea889b",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/commit/5f6c98ba030b2005793e2dc647cc938937ea889b"
              },
              {
                "name": "https://github.com/sulu/sulu/releases/tag/2.5.10",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/releases/tag/2.5.10"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39343",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-03T18:21:36.480062Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-03T18:21:46.144Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.5.0, \u003c 2.5.10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. The Admin Login form allows an attacker to detect which users (username, email) exist and which do not. Sulu installations not using the old Symfony 5.4 security system, and earlier versions, are not affected by this security issue. The vulnerability has been patched in version 2.5.10. \n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-204",
                  "description": "CWE-204: Observable Response Discrepancy",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-04T00:06:29.997Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-wmwf-49vv-p3mr",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-wmwf-49vv-p3mr"
            },
            {
              "name": "https://github.com/sulu/sulu/commit/5f6c98ba030b2005793e2dc647cc938937ea889b",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/5f6c98ba030b2005793e2dc647cc938937ea889b"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/2.5.10",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/2.5.10"
            }
          ],
          "source": {
            "advisory": "GHSA-wmwf-49vv-p3mr",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu Observable Response Discrepancy on Admin Login"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-39343",
        "datePublished": "2023-08-04T00:06:29.997Z",
        "dateReserved": "2023-07-28T13:26:46.476Z",
        "dateUpdated": "2024-10-03T18:21:46.144Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-43836 (GCVE-0-2021-43836)

    Vulnerability from nvd – Published: 2021-12-15 20:10 – Updated: 2024-08-04 04:10
    Title
    PHP file inclusion in the Sulu admin panel
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions an attacker can read arbitrary local files via a PHP file include; in a default configuration this also leads to remote code execution. The problem is patched in versions 1.6.44, 2.2.18, 2.3.8 and 2.4.0. Users unable to upgrade should overwrite the service `sulu_route.generator.expression_token_provider` and wrap the translator before passing it to the expression language.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: < 1.6.44
    Affected: >= 2.0.0, < 2.2.18
    Affected: >= 2.3.0, < 2.3.8

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:10:16.325Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-vx6j-pjrh-vgjh"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/commit/9c948f9ce350c68b53af8c3910e2cefc7f722b54"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.6.44"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0, \u003c 2.2.18"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.3.0, \u003c 2.3.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions an attacker can read arbitrary local files via a PHP file include; in a default configuration this also leads to remote code execution. The problem is patched in versions 1.6.44, 2.2.18, 2.3.8 and 2.4.0. Users unable to upgrade should overwrite the service `sulu_route.generator.expression_token_provider` and wrap the translator before passing it to the expression language."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-12-15T20:10:09.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-vx6j-pjrh-vgjh"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/9c948f9ce350c68b53af8c3910e2cefc7f722b54"
            }
          ],
          "source": {
            "advisory": "GHSA-vx6j-pjrh-vgjh",
            "discovery": "UNKNOWN"
          },
          "title": "PHP file inclusion in the Sulu admin panel",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2021-43836",
              "STATE": "PUBLIC",
              "TITLE": "PHP file inclusion in the Sulu admin panel"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "sulu",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 1.6.44"
                              },
                              {
                                "version_value": "\u003e= 2.0.0, \u003c 2.2.18"
                              },
                              {
                                "version_value": "\u003e= 2.3.0, \u003c 2.3.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "sulu"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions an attacker can read arbitrary local files via a PHP file include. In a default configuration this also leads to remote code execution. The problem is patched with the Versions 1.6.44, 2.2.18, 2.3.8, 2.4.0. For users unable to upgrade overwrite the service `sulu_route.generator.expression_token_provider` and wrap the translator before passing it to the expression language."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/sulu/sulu/security/advisories/GHSA-vx6j-pjrh-vgjh",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/sulu/sulu/security/advisories/GHSA-vx6j-pjrh-vgjh"
                },
                {
                  "name": "https://github.com/sulu/sulu/commit/9c948f9ce350c68b53af8c3910e2cefc7f722b54",
                  "refsource": "MISC",
                  "url": "https://github.com/sulu/sulu/commit/9c948f9ce350c68b53af8c3910e2cefc7f722b54"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-vx6j-pjrh-vgjh",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2021-43836",
        "datePublished": "2021-12-15T20:10:10.000Z",
        "dateReserved": "2021-11-16T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:10:16.325Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-43835 (GCVE-0-2021-43835)

    Vulnerability from nvd – Published: 2021-12-15 20:00 – Updated: 2024-08-04 04:10
    Title
    Privilege escalation in the Sulu Admin panel
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions Sulu users who have access to any subset of the admin UI are able to elevate their privileges. Over the API it was possible for them to give themselves permissions to areas which they did not already have. This issue was introduced in 2.0.0-RC1 with the new ProfileController putAction. The versions have been patched in 2.2.18, 2.3.8 and 2.4.0. For users unable to upgrade the only known workaround is to apply a patch to the ProfileController manually. Note that the CVSS vector in the record below rates privileges required as high, whereas the description indicates that any admin-UI account suffices; when triaging, treat every admin-panel account as in scope.
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.0.0, < 2.2.18
    Affected: >= 2.3.0, < 2.3.8

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:10:15.699Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-84px-q68r-2fc9"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/commit/30bf8b5a4f83b6f2171a696011757d095edaa28a"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0, \u003c 2.2.18"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.3.0, \u003c 2.3.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions Sulu users who have access to any subset of the admin UI are able to elevate their privilege. Over the API it was possible for them to give themselves permissions to areas which they did not already have. This issue was introduced in 2.0.0-RC1 with the new ProfileController putAction. The versions have been patched in 2.2.18, 2.3.8 and 2.4.0. For users unable to upgrade the only known workaround is to apply a patch to the ProfileController manually."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269: Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-12-15T20:00:16.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-84px-q68r-2fc9"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/30bf8b5a4f83b6f2171a696011757d095edaa28a"
            }
          ],
          "source": {
            "advisory": "GHSA-84px-q68r-2fc9",
            "discovery": "UNKNOWN"
          },
          "title": "Privilege escalation in the Sulu Admin panel",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2021-43835",
              "STATE": "PUBLIC",
              "TITLE": "Privilege escalation in the Sulu Admin panel"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "sulu",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003e= 2.0.0, \u003c 2.2.18"
                              },
                              {
                                "version_value": "\u003e= 2.3.0, \u003c 2.3.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "sulu"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions Sulu users who have access to any subset of the admin UI are able to elevate their privilege. Over the API it was possible for them to give themselves permissions to areas which they did not already have. This issue was introduced in 2.0.0-RC1 with the new ProfileController putAction. The versions have been patched in 2.2.18, 2.3.8 and 2.4.0. For users unable to upgrade the only known workaround is to apply a patch to the ProfileController manually."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-269: Improper Privilege Management"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/sulu/sulu/security/advisories/GHSA-84px-q68r-2fc9",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/sulu/sulu/security/advisories/GHSA-84px-q68r-2fc9"
                },
                {
                  "name": "https://github.com/sulu/sulu/commit/30bf8b5a4f83b6f2171a696011757d095edaa28a",
                  "refsource": "MISC",
                  "url": "https://github.com/sulu/sulu/commit/30bf8b5a4f83b6f2171a696011757d095edaa28a"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-84px-q68r-2fc9",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2021-43835",
        "datePublished": "2021-12-15T20:00:16.000Z",
        "dateReserved": "2021-11-16T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:10:15.699Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-41169 (GCVE-0-2021-41169)

    Vulnerability from nvd – Published: 2021-10-21 20:25 – Updated: 2024-08-04 02:59
    Title
    Improper Neutralization of HTML tags in sulu/sulu
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. Versions before 1.6.43 are subject to stored cross-site scripting attacks: HTML input in tag names is not properly sanitized. Only admin users are allowed to create tags, so exploitation requires an existing admin account (the CVSS vector rates privileges required as high), but as with any stored XSS the payload later executes in the browser of whoever views the tag. Users are advised to upgrade.
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: < 1.6.43

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:59:31.756Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-h58v-g3q6-q9fx"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/commit/20007ac70a3af3c9e53a6acb0ef8794b65642445"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.6.43"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. Versions before 1.6.43 are subject to stored cross-site scripting attacks. HTML input into Tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-21T20:25:10.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-h58v-g3q6-q9fx"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/20007ac70a3af3c9e53a6acb0ef8794b65642445"
            }
          ],
          "source": {
            "advisory": "GHSA-h58v-g3q6-q9fx",
            "discovery": "UNKNOWN"
          },
          "title": "Improper Neutralization HTML tags in sulu/sulu",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2021-41169",
              "STATE": "PUBLIC",
              "TITLE": "Improper Neutralization HTML tags in sulu/sulu"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "sulu",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 1.6.43"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "sulu"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sulu is an open-source PHP content management system based on the Symfony framework. Versions before 1.6.43 are subject to stored cross-site scripting attacks. HTML input into Tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/sulu/sulu/security/advisories/GHSA-h58v-g3q6-q9fx",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/sulu/sulu/security/advisories/GHSA-h58v-g3q6-q9fx"
                },
                {
                  "name": "https://github.com/sulu/sulu/commit/20007ac70a3af3c9e53a6acb0ef8794b65642445",
                  "refsource": "MISC",
                  "url": "https://github.com/sulu/sulu/commit/20007ac70a3af3c9e53a6acb0ef8794b65642445"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-h58v-g3q6-q9fx",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2021-41169",
        "datePublished": "2021-10-21T20:25:10.000Z",
        "dateReserved": "2021-09-15T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:59:31.756Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32737 (GCVE-0-2021-32737)

    Vulnerability from nvd – Published: 2021-07-02 17:55 – Updated: 2024-08-03 23:33
    Title
    XSS Injection in Media Collection Title was possible
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. In versions of Sulu prior to 1.6.41, it is possible for a logged-in admin user to inject script (stored cross-site scripting) via the media collection title. The problem is patched in version 1.6.41. As a workaround, one may manually patch the affected JavaScript files in lieu of updating.
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: < 1.6.41

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:33:55.802Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-gm2x-6475-g9r8"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/releases/tag/1.6.41"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.6.41"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In versions of Sulu prior to 1.6.41, it is possible for a logged in admin user to add a script injection (cross-site-scripting) in the collection title. The problem is patched in version 1.6.41. As a workaround, one may manually patch the affected JavaScript files in lieu of updating."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-02T17:55:09.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-gm2x-6475-g9r8"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/1.6.41"
            }
          ],
          "source": {
            "advisory": "GHSA-gm2x-6475-g9r8",
            "discovery": "UNKNOWN"
          },
          "title": "XSS Injection in Media Collection Title was possible",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2021-32737",
              "STATE": "PUBLIC",
              "TITLE": "XSS Injection in Media Collection Title was possible"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "sulu",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 1.6.41"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "sulu"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In versions of Sulu prior to 1.6.41, it is possible for a logged in admin user to add a script injection (cross-site-scripting) in the collection title. The problem is patched in version 1.6.41. As a workaround, one may manually patch the affected JavaScript files in lieu of updating."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/sulu/sulu/security/advisories/GHSA-gm2x-6475-g9r8",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/sulu/sulu/security/advisories/GHSA-gm2x-6475-g9r8"
                },
                {
                  "name": "https://github.com/sulu/sulu/releases/tag/1.6.41",
                  "refsource": "MISC",
                  "url": "https://github.com/sulu/sulu/releases/tag/1.6.41"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-gm2x-6475-g9r8",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2021-32737",
        "datePublished": "2021-07-02T17:55:09.000Z",
        "dateReserved": "2021-05-12T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:33:55.802Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-15132 (GCVE-0-2020-15132)

    Vulnerability from nvd – Published: 2020-08-05 20:30 – Updated: 2024-08-04 13:08
    Title
    Reset Password / Login vulnerability in Sulu
    Summary
    In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address. If the given string is not found, a response with a `400` error code is returned, along with an error message saying that this user name does not exist. This enables attackers to enumerate valid usernames. Also, the response of the "Forgot Password" request returns the email address to which the email was sent, if the operation was successful. This information should not be exposed, as it can be used to gather email addresses. Both behaviours are reachable without authentication (the CVSS vector rates privileges required as none). This problem was fixed in versions 1.6.35, 2.0.10 and 2.1.1.
    CWE
    • CWE-209 - Generation of Error Message Containing Sensitive Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: < 1.6.35
    Affected: >= 2.0.0, < 2.0.10
    Affected: = 2.1.0

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T13:08:22.435Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-wfm4-pq59-wg6r"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.6.35"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0, \u003c 2.0.10"
                },
                {
                  "status": "affected",
                  "version": "= 2.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the \"Forget password\" feature on the login screen is used, Sulu asks the user for a username or email address. If the given string is not found, a response with a `400` error code is returned, along with a error message saying that this user name does not exist. This enables attackers to retrieve valid usernames. Also, the response of the \"Forgot Password\" request returns the email address to which the email was sent, if the operation was successful. This information should not be exposed, as it can be used to gather email addresses. This problem was fixed in versions 1.6.35, 2.0.10 and 2.1.1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-209",
                  "description": "CWE-209: Generation of Error Message Containing Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-08-05T20:30:13.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-wfm4-pq59-wg6r"
            }
          ],
          "source": {
            "advisory": "GHSA-wfm4-pq59-wg6r",
            "discovery": "UNKNOWN"
          },
          "title": "Reset Password / Login vulnerability in Sulu",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2020-15132",
              "STATE": "PUBLIC",
              "TITLE": "Reset Password / Login vulnerability in Sulu"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "sulu",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 1.6.35"
                              },
                              {
                                "version_value": "\u003e= 2.0.0, \u003c 2.0.10"
                              },
                              {
                                "version_value": "= 2.1.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "sulu"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the \"Forget password\" feature on the login screen is used, Sulu asks the user for a username or email address. If the given string is not found, a response with a `400` error code is returned, along with a error message saying that this user name does not exist. This enables attackers to retrieve valid usernames. Also, the response of the \"Forgot Password\" request returns the email address to which the email was sent, if the operation was successful. This information should not be exposed, as it can be used to gather email addresses. This problem was fixed in versions 1.6.35, 2.0.10 and 2.1.1."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-209: Generation of Error Message Containing Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/sulu/sulu/security/advisories/GHSA-wfm4-pq59-wg6r",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/sulu/sulu/security/advisories/GHSA-wfm4-pq59-wg6r"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-wfm4-pq59-wg6r",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2020-15132",
        "datePublished": "2020-08-05T20:30:13.000Z",
        "dateReserved": "2020-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-04T13:08:22.435Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1000465 (GCVE-0-2017-1000465)

    Vulnerability from nvd – Published: 2018-01-09 22:00 – Updated: 2024-09-16 16:38
    Summary
    Sulu-standard version 1.6.6 contains a stored cross-site scripting vulnerability in the page creation page, which can result in disruption of service and execution of attacker-supplied JavaScript in the browsers of other users who view the affected content. This entry lists no vendor, product range or fixed version (all are recorded as "n/a"); consult the linked GitHub issue for the affected component and any fix.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:00:41.323Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu-standard/issues/835"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "dateAssigned": "2017-12-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu-standard version 1.6.6 is vulnerable to stored cross-site scripting vulnerability, within the page creation page, which can result in disruption of service and execution of javascript code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-09T22:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu-standard/issues/835"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_ASSIGNED": "2017-12-29",
              "ID": "CVE-2017-1000465",
              "REQUESTER": "sajeeb.lohani@bulletproof.sh",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sulu-standard version 1.6.6 is vulnerable to stored cross-site scripting vulnerability, within the page creation page, which can result in disruption of service and execution of javascript code."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/sulu/sulu-standard/issues/835",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/sulu/sulu-standard/issues/835"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2017-1000465",
        "datePublished": "2018-01-09T22:00:00.000Z",
        "dateReserved": "2018-01-09T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:38:03.785Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-45701 (GCVE-0-2026-45701)

    Vulnerability from cvelistv5 – Published: 2026-06-01 16:09 – Updated: 2026-06-01 19:07
    Title
    Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, password reset token and API key generation use a weak cryptographic hash algorithm (CWE-327). This issue has been patched in versions 2.6.23 and 3.0.6. The advisory text does not state whether values generated before the upgrade are regenerated; operators should consider rotating existing API keys and invalidating outstanding reset tokens after patching, and confirm this against the linked advisory.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    Impacted products
    Vendor Product Version
    sulu sulu Affected: < 2.6.23
    Affected: >= 3.0.0-alpha1, < 3.0.6

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45701",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T19:07:06.813610Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T19:07:13.574Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.6.23"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 3.0.0-alpha1, \u003c 3.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset tokenand API key generation uses a weak cryptographical hash algorithm. This issue has been patched in versions 2.6.23 and 3.0.6."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T16:09:21.477Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-7fv8-6pp7-6h85",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-7fv8-6pp7-6h85"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/2.6.23",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/2.6.23"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/3.0.6",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/3.0.6"
            }
          ],
          "source": {
            "advisory": "GHSA-7fv8-6pp7-6h85",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-45701",
        "datePublished": "2026-06-01T16:09:21.477Z",
        "dateReserved": "2026-05-13T04:38:01.165Z",
        "dateUpdated": "2026-06-01T19:07:13.574Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-34372 (GCVE-0-2026-34372)

    Vulnerability from cvelistv5 – Published: 2026-03-31 20:19 – Updated: 2026-03-31 20:29
    Title
    Sulu checks fix permissions for subentities endpoints
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. From version 1.0.0 to before 2.6.22, and from 3.0.0 to before 3.0.5, a user who has access to the Sulu Admin via at least one role could read the sub-entities of contacts through the admin API without having permission for contacts. This issue has been patched in versions 2.6.22 and 3.0.5. Note that, despite the CWE-288 label, the described flaw is a missing authorization check on the sub-entity endpoints for an already authenticated admin user, not a bypass of authentication itself.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    Assigner
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 1.0.0, < 2.6.22
    Affected: >= 3.0.0, < 3.0.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-34372",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-31T20:29:06.573205Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-31T20:29:14.584Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 2.6.22"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 3.0.0, \u003c 3.0.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. From versions 1.0.0 to before 2.6.22, and 3.0.0 to before 3.0.5, a user which has permission for the Sulu Admin via at least one role could have access to the sub-entities of contacts via the admin API without even have permission for contacts. This issue has been patched in versions 2.6.22 and 3.0.5."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-31T20:19:32.601Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-6h7h-m7p5-hjqp",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-6h7h-m7p5-hjqp"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/2.6.22",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/2.6.22"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/3.0.5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/3.0.5"
            }
          ],
          "source": {
            "advisory": "GHSA-6h7h-m7p5-hjqp",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu checks fix permissions for subentities endpoints"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-34372",
        "datePublished": "2026-03-31T20:19:32.601Z",
        "dateReserved": "2026-03-27T13:43:14.369Z",
        "dateUpdated": "2026-03-31T20:29:14.584Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-47778 (GCVE-0-2025-47778)

    Vulnerability from cvelistv5 – Published: 2025-05-14 15:29 – Updated: 2025-05-14 18:13
    Title
    Sulu vulnerable to XXE in SVG File upload Inspector
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. Starting in versions 2.5.21, 2.6.5, and 3.0.0-alpha1, an admin user can upload an SVG file that causes external data to be loaded via the XML DOM library, enabling XML External Entity (XXE) attacks. The problem has been patched in versions 2.6.9, 2.5.25, and 3.0.0-alpha3. As a workaround, the affected file `src/Sulu/Bundle/MediaBundle/FileInspector/SvgFileInspector.php` may be patched manually. Exploitation requires an administrative account (CVSS PR:H), but the vector rates the impact on confidentiality, integrity and availability as high, so admin-level SVG upload should be treated as a server-side attack surface, not only a browser-side one.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-611 - Improper Restriction of XML External Entity Reference
    Assigner
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.5.21, < 2.5.25
    Affected: >= 2.6.5, < 2.6.9
    Affected: >= 3.0.0-alpha1, < 3.0.0-alpha3

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47778",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-14T18:13:08.671516Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-14T18:13:14.564Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.5.21, \u003c 2.5.25"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.6.5, \u003c 2.6.9"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 3.0.0-alpha1, \u003c 3.0.0-alpha3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. Starting in versions 2.5.21, 2.6.5, and 3.0.0-alpha1, an admin user can upload SVG which may load external data via XML DOM library. This can be used for insecure XML External Entity References. The problem has been patched in versions 2.6.9, 2.5.25, and 3.0.0-alpha3. As a workaround, one may patch the effect file `src/Sulu/Bundle/MediaBundle/FileInspector/SvgFileInspector.php` manually."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-611",
                  "description": "CWE-611: Improper Restriction of XML External Entity Reference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-14T15:29:08.187Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-f6rx-hf55-4255",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-f6rx-hf55-4255"
            },
            {
              "name": "https://github.com/sulu/sulu/commit/02f52fca04eb9495b9b4a0c5cc64cf23bc27f544",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/02f52fca04eb9495b9b4a0c5cc64cf23bc27f544"
            },
            {
              "name": "https://github.com/sulu/sulu/blob/2.6/src/Sulu/Bundle/MediaBundle/FileInspector/SvgFileInspector.php",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/blob/2.6/src/Sulu/Bundle/MediaBundle/FileInspector/SvgFileInspector.php"
            }
          ],
          "source": {
            "advisory": "GHSA-f6rx-hf55-4255",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu vulnerable to XXE in SVG File upload Inspector"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-47778",
        "datePublished": "2025-05-14T15:29:08.187Z",
        "dateReserved": "2025-05-09T19:49:35.620Z",
        "dateUpdated": "2025-05-14T18:13:14.564Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47617 (GCVE-0-2024-47617)

    Vulnerability from cvelistv5 – Published: 2024-10-03 14:24 – Updated: 2024-10-08 13:33
    Title
    Reflected XSS Vulnerability in Sulu Media Bundle
    Summary
    Sulu is a PHP content management system. This vulnerability allows an attacker to inject arbitrary HTML/JavaScript through the media download URL handled by the SuluMediaBundle component. It is a reflected cross-site scripting (XSS) issue: a victim must be induced to open an attacker-crafted URL (CVSS UI:R), after which the injected script can steal sensitive information, manipulate the site's content, or perform actions on behalf of the victim. It is fixed in 2.6.5 and 2.5.21; note that only the single preceding release of each branch (2.6.4 and 2.5.20) is listed as affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.6.4, < 2.6.5
    Affected: >= 2.5.20, < 2.5.21

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47617",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-03T14:38:49.459437Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-08T13:33:43.219Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.6.4, \u003c 2.6.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.5.20, \u003c 2.5.21"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is a PHP content management system. This vulnerability allows an attacker to inject arbitrary HTML/JavaScript code through the media download URL in Sulu CMS. It affects the SuluMediaBundle component. The vulnerability is a Reflected Cross-Site Scripting (XSS) issue, which could potentially allow attackers to steal sensitive information, manipulate the website\u0027s content, or perform actions on behalf of the victim. This vulnerability is fixed in 2.6.5 and 2.5.21."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-03T14:24:44.300Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-6784-9c82-vr85",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-6784-9c82-vr85"
            },
            {
              "name": "https://github.com/sulu/sulu/commit/a5a5ae555d282e88ff8559d38cfb46dea7939bda",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/a5a5ae555d282e88ff8559d38cfb46dea7939bda"
            },
            {
              "name": "https://github.com/sulu/sulu/commit/eeacd14b6cf55f710084788140d40ebb00314b29",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/eeacd14b6cf55f710084788140d40ebb00314b29"
            }
          ],
          "source": {
            "advisory": "GHSA-6784-9c82-vr85",
            "discovery": "UNKNOWN"
          },
          "title": "Reflected XSS Vulnerability in Sulu Media Bundle"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-47617",
        "datePublished": "2024-10-03T14:24:44.300Z",
        "dateReserved": "2024-09-27T20:37:22.121Z",
        "dateUpdated": "2024-10-08T13:33:43.219Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47618 (GCVE-0-2024-47618)

    Vulnerability from cvelistv5 – Published: 2024-10-03 14:18 – Updated: 2024-10-18 14:42
    VLAI
    Title
    Sulu vulnerable to XSS via uploaded SVG
    Summary
    Sulu is a PHP content management system. Sulu is vulnerable to XSS: a low-privileged user with access to the “Media” section can upload an SVG file containing a malicious payload. Once the file is uploaded and accessed, the malicious JavaScript is executed in the browsers of the victims (other users, including admins). This issue is fixed in 2.6.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.0.0-RC1, < 2.5.21
    Affected: >= 2.6.0-RC1, < 2.6.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47618",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-08T13:20:32.450553Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-08T13:34:22.787Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0-RC1, \u003c 2.5.21"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.6.0-RC1, \u003c 2.6.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is a PHP content management system. Sulu is vulnerable against XSS whereas a low privileged user with access to the \u201cMedia\u201d section can upload an SVG file with a malicious payload. Once uploaded and accessed, the malicious javascript will be executed on the victims\u2019 (other users including admins) browsers. This issue is fixed in 2.6.5."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-18T14:42:45.592Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-255w-87rh-rg44",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-255w-87rh-rg44"
            },
            {
              "name": "https://github.com/sulu/sulu/commit/ca72f75eebe41ea7726624d8aea7da6c425f1eb9",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/ca72f75eebe41ea7726624d8aea7da6c425f1eb9"
            }
          ],
          "source": {
            "advisory": "GHSA-255w-87rh-rg44",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu vulnerable to XSS via uploaded SVG"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-47618",
        "datePublished": "2024-10-03T14:18:02.129Z",
        "dateReserved": "2024-09-27T20:37:22.121Z",
        "dateUpdated": "2024-10-18T14:42:45.592Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-37156 (GCVE-0-2024-37156)

    Vulnerability from cvelistv5 – Published: 2024-06-06 16:03 – Updated: 2024-08-02 03:50
    VLAI
    Title
    TokenController formName not sanitized in hidden input
    Summary
    The SuluFormBundle adds support for creating dynamic forms in Sulu Admin. The TokenController GET parameter formName is not sanitized before being echoed in the returned input field, which leads to XSS. This vulnerability is fixed in 2.5.3.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu SuluFormBundle Affected: >=2.0.0, < 2.5.3

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-37156",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-19T12:57:53.699448Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-19T20:48:56.217Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:50:54.830Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/sulu/SuluFormBundle/security/advisories/GHSA-rrvc-c7xg-7cf3",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/SuluFormBundle/security/advisories/GHSA-rrvc-c7xg-7cf3"
              },
              {
                "name": "https://github.com/sulu/SuluFormBundle/commit/3f341b71a7309cbc8fd2c5bff894c654d1679b17",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/SuluFormBundle/commit/3f341b71a7309cbc8fd2c5bff894c654d1679b17"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SuluFormBundle",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e=2.0.0, \u003c 2.5.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The SuluFormBundle adds support for creating dynamic forms in Sulu Admin. The TokenController get parameter formName is not sanitized in the returned input field which leads to XSS. This vulnerability is fixed in 2.5.3."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-06T16:03:46.771Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/SuluFormBundle/security/advisories/GHSA-rrvc-c7xg-7cf3",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/SuluFormBundle/security/advisories/GHSA-rrvc-c7xg-7cf3"
            },
            {
              "name": "https://github.com/sulu/SuluFormBundle/commit/3f341b71a7309cbc8fd2c5bff894c654d1679b17",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/SuluFormBundle/commit/3f341b71a7309cbc8fd2c5bff894c654d1679b17"
            }
          ],
          "source": {
            "advisory": "GHSA-rrvc-c7xg-7cf3",
            "discovery": "UNKNOWN"
          },
          "title": "TokenController formName not sanitized in hidden input"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-37156",
        "datePublished": "2024-06-06T16:03:46.771Z",
        "dateReserved": "2024-06-03T17:29:38.329Z",
        "dateUpdated": "2024-08-02T03:50:54.830Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-27915 (GCVE-0-2024-27915)

    Vulnerability from cvelistv5 – Published: 2024-03-06 19:33 – Updated: 2025-04-16 15:54
    VLAI
    Title
    Sulu grants access to pages regardless of role permissions
    Summary
    Sulu is a PHP content management system. Starting in version 2.2.0 and prior to versions 2.4.17 and 2.5.13, access to pages is granted regardless of role permissions for webspaces that have a security system configured and the permission check enabled. Webspaces without such a configuration do not have this issue. The problem is patched in versions 2.4.17 and 2.5.13. Some workarounds are available: one may apply the patch to `vendor/symfony/security-http/HttpUtils.php` manually, or avoid installing `symfony/security-http` versions greater than or equal to `v5.4.30` or `v6.3.6`.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.2.0, < 2.4.17
    Affected: >= 2.5.0-alpha1, < 2.5.13
    sulu sulu Affected: 2.2.0 , < 2.4.17 (custom)
    Affected: 2.5.0-alpha1 , < 2.5.13 (custom)
        cpe:2.3:a:sulu:sulu:*:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:sulu:sulu:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sulu",
                "vendor": "sulu",
                "versions": [
                  {
                    "lessThan": "2.4.17",
                    "status": "affected",
                    "version": "2.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "2.5.13",
                    "status": "affected",
                    "version": "2.5.0-alpha1",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-27915",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-07T16:35:44.612681Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T15:54:40.497Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T00:41:55.581Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p"
              },
              {
                "name": "https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.2.0, \u003c 2.4.17"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.5.0-alpha1, \u003c 2.5.13"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is a PHP content management system. Starting in verson 2.2.0 and prior to version 2.4.17 and 2.5.13, access to pages is granted regardless of role permissions for webspaces which have a security system configured and permission check enabled. Webspaces without do not have this issue. The problem is patched in versions 2.4.17 and 2.5.13. Some workarounds are available. One may apply the patch to `vendor/symfony/security-http/HttpUtils.php` manually or avoid installing `symfony/security-http` versions greater equal than `v5.4.30` or `v6.3.6`."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863: Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-06T19:33:11.798Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p"
            },
            {
              "name": "https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da"
            }
          ],
          "source": {
            "advisory": "GHSA-jr83-m233-gg6p",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu grants access to pages regardless of role permissions"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-27915",
        "datePublished": "2024-03-06T19:33:11.798Z",
        "dateReserved": "2024-02-28T15:14:14.213Z",
        "dateUpdated": "2025-04-16T15:54:40.497Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-24807 (GCVE-0-2024-24807)

    Vulnerability from cvelistv5 – Published: 2024-02-05 20:09 – Updated: 2024-08-01 23:28
    VLAI
    Title
    Sulu is vulnerable to HTML Injection via Autocomplete Suggestion
    Summary
    Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. There is an issue when HTML is entered as a tag name: the HTML is rendered and executed when the tag name is listed in the autocomplete form. Only admin users can create tags, so they are the only ones affected. The problem is patched in versions 2.4.16 and 2.5.12.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.0.0, < 2.4.16
    Affected: >= 2.5.0, < 2.5.12
    sulu sulu Affected: -
        cpe:2.3:a:sulu:sulu:-:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:sulu:sulu:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sulu",
                "vendor": "sulu",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:sulu:sulu:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sulu",
                "vendor": "sulu",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-24807",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-06T19:25:07.228689Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:43:18.721Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:28:12.885Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/sulu/sulu/security/advisories/GHSA-gfrh-gwqc-63cv",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-gfrh-gwqc-63cv"
              },
              {
                "name": "https://github.com/sulu/sulu/releases/tag/2.4.16",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/releases/tag/2.4.16"
              },
              {
                "name": "https://github.com/sulu/sulu/releases/tag/2.5.12",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/releases/tag/2.5.12"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0, \u003c 2.4.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.5.0, \u003c 2.5.12"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. There is an issue when inputting HTML into the Tag name. The HTML is executed when the tag name is listed in the auto complete form. Only admin users can create tags so they are the only ones affected. The problem is patched with version(s) 2.4.16 and 2.5.12."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-05T20:09:36.891Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-gfrh-gwqc-63cv",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-gfrh-gwqc-63cv"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/2.4.16",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/2.4.16"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/2.5.12",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/2.5.12"
            }
          ],
          "source": {
            "advisory": "GHSA-gfrh-gwqc-63cv",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu is vulnerable to HTML Injection via Autocomplete Suggestion"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-24807",
        "datePublished": "2024-02-05T20:09:36.891Z",
        "dateReserved": "2024-01-31T16:28:17.941Z",
        "dateUpdated": "2024-08-01T23:28:12.885Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39343 (GCVE-0-2023-39343)

    Vulnerability from cvelistv5 – Published: 2023-08-04 00:06 – Updated: 2024-10-03 18:21
    Title
    Sulu Observable Response Discrepancy on Admin Login
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. The Admin Login form allows an attacker to detect which users (username, email) exist and which do not. Sulu installations not using the old Symfony 5.4 security system, and previous versions, are not impacted by this security issue. The vulnerability has been patched in version 2.5.10.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-204 - Observable Response Discrepancy
    Assigner
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.5.0, < 2.5.10

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:02:06.889Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/sulu/sulu/security/advisories/GHSA-wmwf-49vv-p3mr",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-wmwf-49vv-p3mr"
              },
              {
                "name": "https://github.com/sulu/sulu/commit/5f6c98ba030b2005793e2dc647cc938937ea889b",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/commit/5f6c98ba030b2005793e2dc647cc938937ea889b"
              },
              {
                "name": "https://github.com/sulu/sulu/releases/tag/2.5.10",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/releases/tag/2.5.10"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39343",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-03T18:21:36.480062Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-03T18:21:46.144Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.5.0, \u003c 2.5.10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. It allows over the Admin Login form to detect which user (username, email) exists and which one do not exist. Sulu Installation not using the old Symfony 5.4 security System and previous version are not impacted by this Security issue. The vulnerability has been patched in version 2.5.10. \n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-204",
                  "description": "CWE-204: Observable Response Discrepancy",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-04T00:06:29.997Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/sulu/sulu/security/advisories/GHSA-wmwf-49vv-p3mr",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-wmwf-49vv-p3mr"
            },
            {
              "name": "https://github.com/sulu/sulu/commit/5f6c98ba030b2005793e2dc647cc938937ea889b",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/5f6c98ba030b2005793e2dc647cc938937ea889b"
            },
            {
              "name": "https://github.com/sulu/sulu/releases/tag/2.5.10",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/2.5.10"
            }
          ],
          "source": {
            "advisory": "GHSA-wmwf-49vv-p3mr",
            "discovery": "UNKNOWN"
          },
          "title": "Sulu Observable Response Discrepancy on Admin Login"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-39343",
        "datePublished": "2023-08-04T00:06:29.997Z",
        "dateReserved": "2023-07-28T13:26:46.476Z",
        "dateUpdated": "2024-10-03T18:21:46.144Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-43836 (GCVE-0-2021-43836)

    Vulnerability from cvelistv5 – Published: 2021-12-15 20:10 – Updated: 2024-08-04 04:10
    Title
    PHP file inclusion in the Sulu admin panel
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions an attacker can read arbitrary local files via a PHP file include. In a default configuration this also leads to remote code execution. The problem is patched in versions 1.6.44, 2.2.18, 2.3.8 and 2.4.0. For users unable to upgrade, overwrite the service `sulu_route.generator.expression_token_provider` and wrap the translator before passing it to the expression language.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: < 1.6.44
    Affected: >= 2.0.0, < 2.2.18
    Affected: >= 2.3.0, < 2.3.8

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:10:16.325Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-vx6j-pjrh-vgjh"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/commit/9c948f9ce350c68b53af8c3910e2cefc7f722b54"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.6.44"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0, \u003c 2.2.18"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.3.0, \u003c 2.3.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions an attacker can read arbitrary local files via a PHP file include. In a default configuration this also leads to remote code execution. The problem is patched with the Versions 1.6.44, 2.2.18, 2.3.8, 2.4.0. For users unable to upgrade overwrite the service `sulu_route.generator.expression_token_provider` and wrap the translator before passing it to the expression language."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-12-15T20:10:09.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-vx6j-pjrh-vgjh"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/9c948f9ce350c68b53af8c3910e2cefc7f722b54"
            }
          ],
          "source": {
            "advisory": "GHSA-vx6j-pjrh-vgjh",
            "discovery": "UNKNOWN"
          },
          "title": "PHP file inclusion in the Sulu admin panel",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2021-43836",
              "STATE": "PUBLIC",
              "TITLE": "PHP file inclusion in the Sulu admin panel"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "sulu",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 1.6.44"
                              },
                              {
                                "version_value": "\u003e= 2.0.0, \u003c 2.2.18"
                              },
                              {
                                "version_value": "\u003e= 2.3.0, \u003c 2.3.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "sulu"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions an attacker can read arbitrary local files via a PHP file include. In a default configuration this also leads to remote code execution. The problem is patched with the Versions 1.6.44, 2.2.18, 2.3.8, 2.4.0. For users unable to upgrade overwrite the service `sulu_route.generator.expression_token_provider` and wrap the translator before passing it to the expression language."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/sulu/sulu/security/advisories/GHSA-vx6j-pjrh-vgjh",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/sulu/sulu/security/advisories/GHSA-vx6j-pjrh-vgjh"
                },
                {
                  "name": "https://github.com/sulu/sulu/commit/9c948f9ce350c68b53af8c3910e2cefc7f722b54",
                  "refsource": "MISC",
                  "url": "https://github.com/sulu/sulu/commit/9c948f9ce350c68b53af8c3910e2cefc7f722b54"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-vx6j-pjrh-vgjh",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2021-43836",
        "datePublished": "2021-12-15T20:10:10.000Z",
        "dateReserved": "2021-11-16T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:10:16.325Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-43835 (GCVE-0-2021-43835)

    Vulnerability from cvelistv5 – Published: 2021-12-15 20:00 – Updated: 2024-08-04 04:10
    Title
    Privilege escalation in the Sulu Admin panel
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions, Sulu users who have access to any subset of the admin UI are able to elevate their privileges. Over the API it was possible for them to grant themselves permissions to areas to which they did not already have access. This issue was introduced in 2.0.0-RC1 with the new ProfileController putAction. The issue has been patched in versions 2.2.18, 2.3.8 and 2.4.0. For users unable to upgrade, the only known workaround is to apply a patch to the ProfileController manually.
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: >= 2.0.0, < 2.2.18
    Affected: >= 2.3.0, < 2.3.8

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:10:15.699Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-84px-q68r-2fc9"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/commit/30bf8b5a4f83b6f2171a696011757d095edaa28a"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0, \u003c 2.2.18"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.3.0, \u003c 2.3.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions Sulu users who have access to any subset of the admin UI are able to elevate their privilege. Over the API it was possible for them to give themselves permissions to areas which they did not already had. This issue was introduced in 2.0.0-RC1 with the new ProfileController putAction. The versions have been patched in 2.2.18, 2.3.8 and 2.4.0. For users unable to upgrade the only known workaround is to apply a patch to the ProfileController manually."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269: Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-12-15T20:00:16.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-84px-q68r-2fc9"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/30bf8b5a4f83b6f2171a696011757d095edaa28a"
            }
          ],
          "source": {
            "advisory": "GHSA-84px-q68r-2fc9",
            "discovery": "UNKNOWN"
          },
          "title": "Privilege escalation in the Sulu Admin panel",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2021-43835",
              "STATE": "PUBLIC",
              "TITLE": "Privilege escalation in the Sulu Admin panel"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "sulu",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003e= 2.0.0, \u003c 2.2.18"
                              },
                              {
                                "version_value": "\u003e= 2.3.0, \u003c 2.3.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "sulu"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions Sulu users who have access to any subset of the admin UI are able to elevate their privilege. Over the API it was possible for them to give themselves permissions to areas which they did not already had. This issue was introduced in 2.0.0-RC1 with the new ProfileController putAction. The versions have been patched in 2.2.18, 2.3.8 and 2.4.0. For users unable to upgrade the only known workaround is to apply a patch to the ProfileController manually."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-269: Improper Privilege Management"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/sulu/sulu/security/advisories/GHSA-84px-q68r-2fc9",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/sulu/sulu/security/advisories/GHSA-84px-q68r-2fc9"
                },
                {
                  "name": "https://github.com/sulu/sulu/commit/30bf8b5a4f83b6f2171a696011757d095edaa28a",
                  "refsource": "MISC",
                  "url": "https://github.com/sulu/sulu/commit/30bf8b5a4f83b6f2171a696011757d095edaa28a"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-84px-q68r-2fc9",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2021-43835",
        "datePublished": "2021-12-15T20:00:16.000Z",
        "dateReserved": "2021-11-16T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:10:15.699Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-41169 (GCVE-0-2021-41169)

    Vulnerability from cvelistv5 – Published: 2021-10-21 20:25 – Updated: 2024-08-04 02:59
    Title
    Improper Neutralization HTML tags in sulu/sulu
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. Versions before 1.6.43 are subject to stored cross-site scripting attacks: HTML input in tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade.
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: < 1.6.43

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:59:31.756Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-h58v-g3q6-q9fx"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/commit/20007ac70a3af3c9e53a6acb0ef8794b65642445"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.6.43"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In versions before 1.6.43 are subject to stored cross site scripting attacks. HTML input into Tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-21T20:25:10.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-h58v-g3q6-q9fx"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/commit/20007ac70a3af3c9e53a6acb0ef8794b65642445"
            }
          ],
          "source": {
            "advisory": "GHSA-h58v-g3q6-q9fx",
            "discovery": "UNKNOWN"
          },
          "title": "Improper Neutralization HTML tags in sulu/sulu",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2021-41169",
              "STATE": "PUBLIC",
              "TITLE": "Improper Neutralization HTML tags in sulu/sulu"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "sulu",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 1.6.43"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "sulu"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In versions before 1.6.43 are subject to stored cross site scripting attacks. HTML input into Tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/sulu/sulu/security/advisories/GHSA-h58v-g3q6-q9fx",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/sulu/sulu/security/advisories/GHSA-h58v-g3q6-q9fx"
                },
                {
                  "name": "https://github.com/sulu/sulu/commit/20007ac70a3af3c9e53a6acb0ef8794b65642445",
                  "refsource": "MISC",
                  "url": "https://github.com/sulu/sulu/commit/20007ac70a3af3c9e53a6acb0ef8794b65642445"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-h58v-g3q6-q9fx",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2021-41169",
        "datePublished": "2021-10-21T20:25:10.000Z",
        "dateReserved": "2021-09-15T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:59:31.756Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32737 (GCVE-0-2021-32737)

    Vulnerability from cvelistv5 – Published: 2021-07-02 17:55 – Updated: 2024-08-03 23:33
    Title
    XSS Injection in Media Collection Title was possible
    Summary
    Sulu is an open-source PHP content management system based on the Symfony framework. In versions of Sulu prior to 1.6.41, it is possible for a logged-in admin user to add a script injection (cross-site scripting) in the collection title. The problem is patched in version 1.6.41. As a workaround, one may manually patch the affected JavaScript files in lieu of updating.
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: < 1.6.41

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:33:55.802Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-gm2x-6475-g9r8"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/releases/tag/1.6.41"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.6.41"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In versions of Sulu prior to 1.6.41, it is possible for a logged in admin user to add a script injection (cross-site-scripting) in the collection title. The problem is patched in version 1.6.41. As a workaround, one may manually patch the affected JavaScript files in lieu of updating."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-02T17:55:09.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-gm2x-6475-g9r8"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sulu/sulu/releases/tag/1.6.41"
            }
          ],
          "source": {
            "advisory": "GHSA-gm2x-6475-g9r8",
            "discovery": "UNKNOWN"
          },
          "title": "XSS Injection in Media Collection Title was possible",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2021-32737",
              "STATE": "PUBLIC",
              "TITLE": "XSS Injection in Media Collection Title was possible"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "sulu",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 1.6.41"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "sulu"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sulu is an open-source PHP content management system based on the Symfony framework. In versions of Sulu prior to 1.6.41, it is possible for a logged in admin user to add a script injection (cross-site-scripting) in the collection title. The problem is patched in version 1.6.41. As a workaround, one may manually patch the affected JavaScript files in lieu of updating."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/sulu/sulu/security/advisories/GHSA-gm2x-6475-g9r8",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/sulu/sulu/security/advisories/GHSA-gm2x-6475-g9r8"
                },
                {
                  "name": "https://github.com/sulu/sulu/releases/tag/1.6.41",
                  "refsource": "MISC",
                  "url": "https://github.com/sulu/sulu/releases/tag/1.6.41"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-gm2x-6475-g9r8",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2021-32737",
        "datePublished": "2021-07-02T17:55:09.000Z",
        "dateReserved": "2021-05-12T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:33:55.802Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-15132 (GCVE-0-2020-15132)

    Vulnerability from cvelistv5 – Published: 2020-08-05 20:30 – Updated: 2024-08-04 13:08
    Title
    Reset Password / Login vulnerability in Sulu
    Summary
    In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address. If the given string is not found, a response with a `400` error code is returned, along with an error message saying that this user name does not exist. This enables attackers to retrieve valid usernames. Also, the response of the "Forgot Password" request returns the email address to which the email was sent, if the operation was successful. This information should not be exposed, as it can be used to gather email addresses. This problem was fixed in versions 1.6.35, 2.0.10 and 2.1.1.
    CWE
    • CWE-209 - Generation of Error Message Containing Sensitive Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    sulu sulu Affected: < 1.6.35
    Affected: >= 2.0.0, < 2.0.10
    Affected: = 2.1.0

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T13:08:22.435Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu/security/advisories/GHSA-wfm4-pq59-wg6r"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sulu",
              "vendor": "sulu",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.6.35"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0, \u003c 2.0.10"
                },
                {
                  "status": "affected",
                  "version": "= 2.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the \"Forget password\" feature on the login screen is used, Sulu asks the user for a username or email address. If the given string is not found, a response with a `400` error code is returned, along with a error message saying that this user name does not exist. This enables attackers to retrieve valid usernames. Also, the response of the \"Forgot Password\" request returns the email address to which the email was sent, if the operation was successful. This information should not be exposed, as it can be used to gather email addresses. This problem was fixed in versions 1.6.35, 2.0.10 and 2.1.1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-209",
                  "description": "CWE-209: Generation of Error Message Containing Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-08-05T20:30:13.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu/security/advisories/GHSA-wfm4-pq59-wg6r"
            }
          ],
          "source": {
            "advisory": "GHSA-wfm4-pq59-wg6r",
            "discovery": "UNKNOWN"
          },
          "title": "Reset Password / Login vulnerability in Sulu",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2020-15132",
              "STATE": "PUBLIC",
              "TITLE": "Reset Password / Login vulnerability in Sulu"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "sulu",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 1.6.35"
                              },
                              {
                                "version_value": "\u003e= 2.0.0, \u003c 2.0.10"
                              },
                              {
                                "version_value": "= 2.1.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "sulu"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the \"Forget password\" feature on the login screen is used, Sulu asks the user for a username or email address. If the given string is not found, a response with a `400` error code is returned, along with a error message saying that this user name does not exist. This enables attackers to retrieve valid usernames. Also, the response of the \"Forgot Password\" request returns the email address to which the email was sent, if the operation was successful. This information should not be exposed, as it can be used to gather email addresses. This problem was fixed in versions 1.6.35, 2.0.10 and 2.1.1."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-209: Generation of Error Message Containing Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/sulu/sulu/security/advisories/GHSA-wfm4-pq59-wg6r",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/sulu/sulu/security/advisories/GHSA-wfm4-pq59-wg6r"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-wfm4-pq59-wg6r",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2020-15132",
        "datePublished": "2020-08-05T20:30:13.000Z",
        "dateReserved": "2020-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-04T13:08:22.435Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1000465 (GCVE-0-2017-1000465)

    Vulnerability from cvelistv5 – Published: 2018-01-09 22:00 – Updated: 2024-09-16 16:38
    Summary
    Sulu-standard version 1.6.6 contains a stored cross-site scripting vulnerability in the page creation page, which can result in disruption of service and execution of JavaScript code.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:00:41.323Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/sulu/sulu-standard/issues/835"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "dateAssigned": "2017-12-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Sulu-standard version 1.6.6 is vulnerable to stored cross-site scripting vulnerability, within the page creation page, which can result in disruption of service and execution of javascript code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-09T22:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/sulu/sulu-standard/issues/835"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_ASSIGNED": "2017-12-29",
              "ID": "CVE-2017-1000465",
              "REQUESTER": "sajeeb.lohani@bulletproof.sh",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sulu-standard version 1.6.6 is vulnerable to stored cross-site scripting vulnerability, within the page creation page, which can result in disruption of service and execution of javascript code."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/sulu/sulu-standard/issues/835",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/sulu/sulu-standard/issues/835"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2017-1000465",
        "datePublished": "2018-01-09T22:00:00.000Z",
        "dateReserved": "2018-01-09T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:38:03.785Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }