Cross-site Scripting (XSS) Affecting org.webjars.bowergithub.summernote:summernote package, versions [0,0.8.19)
Threat Intelligence
EPSS: 0.04% (11th percentile)
- Snyk ID SNYK-JAVA-ORGWEBJARSBOWERGITHUBSUMMERNOTE-608895
- published 9 Oct 2020
- disclosed 3 Aug 2020
- credit Alejandroid17
Introduced: 3 Aug 2020
CVE-2024-29504
How to fix?
Upgrade org.webjars.bowergithub.summernote:summernote to version 0.8.19 or higher.
Overview
org.webjars.bowergithub.summernote:summernote is a super simple WYSIWYG editor.
Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Malicious JavaScript can be injected within the myforms area because the editor content is not sanitized.
PoC
from crispy_forms.helper import FormHelper
from crispy_forms.layout import Submit, Column, Row, Layout
from django.forms import HiddenInput
# ugettext was removed in Django 4.0; gettext is the same function under its current name
from django.utils.translation import gettext as _
from django import forms
from django_summernote.widgets import SummernoteInplaceWidget
from myapp.models import MyModel


class MyForm(forms.ModelForm):
    def __init__(self, *args, **kwargs):
        super(MyForm, self).__init__(*args, **kwargs)
        self.helper = FormHelper()
        self.helper.layout = Layout(
            Row(Column('title', css_class='form-group col-md-6'), css_class='form-row'),
            Row(Column('base_template', css_class='form-group col-md-12'), css_class='form-row'),
            Row(Column('base_css_template', css_class='form-group col-md-6'), css_class='form-row'),
            'doc',
            Submit('submit', _('Save'))
        )

    class Meta:
        model = MyModel
        fields = '__all__'
        widgets = {
            # The rich-text body is edited with Summernote; affected versions do not sanitize it.
            'base_template': SummernoteInplaceWidget(attrs={'summernote': {'width': '100%', 'height': '600px'}}),
            'document_type': HiddenInput()
        }
        labels = {
            'title': _('Title'),
            'base_template': _('Body'),
            'base_css_template': _('CSS stylesheet (optional)'),
            'doc': _('Doc'),
        }
CVSS Scores: version 3.1