CVE-2022-46180 - Vulnerability Details - OpenCVE

ReportizFlow

Discourse Mermaid (discourse-mermaid-theme-component) allows users of Discourse, open-source forum software, to create graphs using the Mermaid syntax. Users of discourse-mermaid-theme-component version 1.0.0 who can create posts are able to inject arbitrary HTML on that post. The issue has been fixed on the `main` branch of the GitHub repository, with 1.1.0 named as a patched version. Admins can update the theme component through the admin UI. As a workaround, admins can temporarily disable discourse-mermaid-theme-component.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Discourse	Mermaid

Configuration 1 [-]

cpe:2.3:a:discourse:mermaid:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/discourse/discourse-mermaid-theme-component/commit/c10bc4a08bf865cee20e5d5dffba535762813f0f
https://github.com/discourse/discourse-mermaid-theme-component/pull/14
https://github.com/discourse/discourse-mermaid-theme-component/security/advisories/GHSA-8437-hgcm-p3q3

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-01-04T16:44:54.487Z

Updated: 2024-08-03T14:31:44.440Z

Reserved: 2022-11-28T17:27:19.999Z

Link: CVE-2022-46180

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-01-04T17:15:08.847

Modified: 2024-11-21T07:30:16.457

Link: CVE-2022-46180

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-46180", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2022-11-28T17:27:19.999Z", "datePublished": "2023-01-04T16:44:54.487Z", "dateUpdated": "2024-08-03T14:31:44.440Z"}, "containers": {"cna": {"title": "Arbitrary HTML injection in discourse-mermaid-theme-component", "problemTypes": [{"descriptions": [{"cweId": "CWE-74", "lang": "en", "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/discourse/discourse-mermaid-theme-component/security/advisories/GHSA-8437-hgcm-p3q3", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/discourse/discourse-mermaid-theme-component/security/advisories/GHSA-8437-hgcm-p3q3"}, {"name": "https://github.com/discourse/discourse-mermaid-theme-component/pull/14", "tags": ["x_refsource_MISC"], "url": "https://github.com/discourse/discourse-mermaid-theme-component/pull/14"}, {"name": "https://github.com/discourse/discourse-mermaid-theme-component/commit/c10bc4a08bf865cee20e5d5dffba535762813f0f", "tags": ["x_refsource_MISC"], "url": "https://github.com/discourse/discourse-mermaid-theme-component/commit/c10bc4a08bf865cee20e5d5dffba535762813f0f"}], "affected": [{"vendor": "discourse", "product": "discourse-mermaid-theme-component", "versions": [{"version": "= 1.0.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-01-04T16:44:54.487Z"}, "descriptions": [{"lang": "en", "value": "Discourse Mermaid (discourse-mermaid-theme-component) allows users of Discourse, open-source forum software, to create graphs using the Mermaid syntax. Users of discourse-mermaid-theme-component version 1.0.0 who can create posts are able to inject arbitrary HTML on that post. The issue has been fixed on the `main` branch of the GitHub repository, with 1.1.0 named as a patched version. Admins can update the theme component through the admin UI. As a workaround, admins can temporarily disable discourse-mermaid-theme-component."}], "source": {"advisory": "GHSA-8437-hgcm-p3q3", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T14:31:44.440Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/discourse/discourse-mermaid-theme-component/security/advisories/GHSA-8437-hgcm-p3q3", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/discourse/discourse-mermaid-theme-component/security/advisories/GHSA-8437-hgcm-p3q3"}, {"name": "https://github.com/discourse/discourse-mermaid-theme-component/pull/14", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/discourse/discourse-mermaid-theme-component/pull/14"}, {"name": "https://github.com/discourse/discourse-mermaid-theme-component/commit/c10bc4a08bf865cee20e5d5dffba535762813f0f", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/discourse/discourse-mermaid-theme-component/commit/c10bc4a08bf865cee20e5d5dffba535762813f0f"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:discourse:mermaid:*:*:*:*:*:*:*:*", "matchCriteriaId": "A55534C3-7CBF-403E-BEE4-8B9A1A5E8639", "versionEndExcluding": "1.1.0", "versionStartIncluding": "1.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Discourse Mermaid (discourse-mermaid-theme-component) allows users of Discourse, open-source forum software, to create graphs using the Mermaid syntax. Users of discourse-mermaid-theme-component version 1.0.0 who can create posts are able to inject arbitrary HTML on that post. The issue has been fixed on the `main` branch of the GitHub repository, with 1.1.0 named as a patched version. Admins can update the theme component through the admin UI. As a workaround, admins can temporarily disable discourse-mermaid-theme-component."}, {"lang": "es", "value": "Discourse Mermaid (discourse-mermaid-theme-component) permite a los usuarios de Discourse, software de foro de c\u00f3digo abierto, crear gr\u00e1ficos utilizando la sintaxis de Mermaid. Los usuarios de la versi\u00f3n 1.0.0 del componente de tema de sirena del discurso que pueden crear publicaciones pueden inyectar HTML arbitrario en esa publicaci\u00f3n. El problema se solucion\u00f3 en la rama \"principal\" del repositorio de GitHub, con la versi\u00f3n 1.1.0 nombrada como versi\u00f3n parcheada. Los administradores pueden actualizar el componente del tema a trav\u00e9s de la interfaz de usuario del administrador. Como workaround, los administradores pueden desactivar temporalmente el componente del tema de la sirena del discurso."}], "id": "CVE-2022-46180", "lastModified": "2024-11-21T07:30:16.457", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 1.4, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "[email protected]", "type": "Primary"}]}, "published": "2023-01-04T17:15:08.847", "references": [{"source": "[email protected]", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/discourse/discourse-mermaid-theme-component/commit/c10bc4a08bf865cee20e5d5dffba535762813f0f"}, {"source": "[email protected]", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/discourse/discourse-mermaid-theme-component/pull/14"}, {"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://github.com/discourse/discourse-mermaid-theme-component/security/advisories/GHSA-8437-hgcm-p3q3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/discourse/discourse-mermaid-theme-component/commit/c10bc4a08bf865cee20e5d5dffba535762813f0f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/discourse/discourse-mermaid-theme-component/pull/14"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/discourse/discourse-mermaid-theme-component/security/advisories/GHSA-8437-hgcm-p3q3"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "[email protected]", "type": "Primary"}]}