admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 10:41:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-1767.md

20 lines
1.1 KiB
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2023-1767](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1767)
![](https://img.shields.io/static/v1?label=Product&message=Snyk%20Advisor&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=2020-10-01%3C%202023-03-28%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
### Description
The Snyk Advisor website (https://snyk.io/advisor/) was vulnerable to a stored XSS prior to 28th March 2023. A feature of Snyk Advisor is to display the contents of a scanned package's Readme on its package health page. An attacker could create a package in NPM with an associated markdown README file containing XSS-able HTML tags. Upon Snyk Advisor importing the package, the XSS would run each time an end user browsed to the package's page on Snyk Advisor.
### POC
#### Reference
- https://weizman.github.io/2023/04/10/snyk-xss/
#### Github
- https://github.com/karimhabush/cyberowl
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/weizman/CVE-2023-1767
Reference in New Issue Copy Permalink