Vulnerability Description
The csaf_provider package before 0.8.2 allows XSS via a crafted CSAF document uploaded as text/html. The endpoint upload allows valid CSAF advisories (JSON format) to be uploaded with Content-Type text/html and filenames ending in .html. When subsequently accessed via web browser, these advisories are served and interpreted as HTML pages. Such uploaded advisories can contain JavaScript code that will execute within the browser context of users inspecting the advisory.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Csaf Provider Project | Csaf Provider | < 0.8.2 |
Related Weaknesses (CWE)
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/bsi-2022-0003.jsonThird Party Advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2022/bsi-2022-0003.jsonThird Party Advisory
FAQ
What is CVE-2022-43996?
CVE-2022-43996 is a vulnerability with a CVSS score of 5.4 (MEDIUM). The csaf_provider package before 0.8.2 allows XSS via a crafted CSAF document uploaded as text/html. The endpoint upload allows valid CSAF advisories (JSON format) to be uploaded with Content-Type tex...
How severe is CVE-2022-43996?
CVE-2022-43996 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-43996?
Check the references section above for vendor advisories and patch information. Affected products include: Csaf Provider Project Csaf Provider.