Description: DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.
CVE-2024-47875
CVSS Score: 10 (CRITICAL)
EPSS Score: N/A
Risk Score: N/A
Risk Score based on CVSS score and EPSS. This score is for reference purposes and is not internationally recognized.
MITRE ATT&CK Technique v15.1
T1053.002 – At
Technical Analysis & Mitigation Measures
1. Technical Attack Analysis:
– The vulnerability allows for the exploitation of DOMPurify’s handling of nested HTML elements, leading to the potential execution of malicious scripts in the user’s browser.
– Attackers can craft payloads that leverage the nesting behavior of DOMPurify to bypass its sanitization measures, resulting in stored or reflected cross-site scripting (XSS) attacks.
– Possible outcomes of exploitation include:
  – Unauthorized access to user sessions.
  – Theft of sensitive information (e.g., cookies, tokens).
  – Defacement of the website’s content.
  – Distribution of malware through compromised scripts.
  – Phishing attacks aimed at users of the affected application.
2. Mitigation Measures:
– Upgrade to DOMPurify version 2.5.0 or higher.
– Implement Content Security Policy (CSP) to restrict script execution.
– Regularly audit and test web applications for XSS vulnerabilities.
– Sanitize and validate all user inputs before processing.
– Limit the use of inline scripts and styles.
– Educate developers about secure coding practices.
– Use frameworks that provide built-in protections against XSS.
– Monitor and log script execution anomalies.
The content above is generated by AI. Please review and consider carefully before applying!
Reference Links
https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098
https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f
https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a
https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf
Vendor - Product - Version
Disclaimer
The content on this website is automatically sourced from external websites such as the National Vulnerability Database (NVD), GitHub, and other security-related sources. This content is for reference purposes only, and we are not responsible for the accuracy or integrity of the information linked or displayed from these sources.