CVE-2022-1091 – darylldoyle/safe-svg
Package
Manager: composer
Name: darylldoyle/safe-svg
Vulnerable Version: >=0 <1.9.10
Severity
Level: Medium
CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
EPSS: 0.00444 (percentile 0.62488)
Details
Cross-site scripting in safe-svg
The sanitisation step of the Safe SVG WordPress plugin before 1.9.10 can be bypassed by spoofing the content-type in the POST request used to upload a file. By exploiting this vulnerability, an attacker is able to perform the kinds of attacks that this plugin is meant to prevent (mainly XSS, but, depending on further use of the uploaded SVG files, potentially other XML attacks).
Metadata
Created: 2022-04-19T00:00:45Z
Modified: 2022-04-28T21:15:03Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-5h7w-hmxc-99g5/GHSA-5h7w-hmxc-99g5.json
CWE IDs: ["CWE-79"]
Alternative ID: GHSA-5h7w-hmxc-99g5
Finding: F425
Auto approve: 1