CVE-2020-25817

SilverStripe through 4.6.0-rc1 has an XXE Vulnerability in CSSContentParser. A developer utility meant for parsing HTML within unit tests can be vulnerable to XML External Entity (XXE) attacks. When this developer utility is misused for purposes involving external or user submitted data in custom project code, it can lead to vulnerabilities such as XSS on HTML output rendered through this custom code. This is now mitigated by disabling external entities during parsing. (The correct CVE ID year is 2020 [CVE-2020-25817, not CVE-2021-25817]).

CVSS v3 4.8 MEDIUM
CVSS v2.0 3.5 LOW

4.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.7 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

3.5^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:M/Au:S/C:N/I:P/A:N

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://forum.silverstripe.org/c/releases	Release Notes Vendor Advisory
https://www.silverstripe.org/blog/tag/release	Release Notes Vendor Advisory
https://www.silverstripe.org/download/security-releases/	Vendor Advisory
https://www.silverstripe.org/download/security-releases/cve-2020-25817	Broken Link

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:silverstripe:silverstripe::::::::
	cpe:2.3:a:silverstripe:silverstripe:4.6.0:rc1::::::

History

17 Jun 2021, 15:47

Type	Values Removed	Values Added
CWE		CWE-611
References	~~(CONFIRM) https://www.silverstripe.org/download/security-releases/ -~~	(CONFIRM) https://www.silverstripe.org/download/security-releases/ - Vendor Advisory
References	~~(MISC) https://forum.silverstripe.org/c/releases -~~	(MISC) https://forum.silverstripe.org/c/releases - Release Notes, Vendor Advisory
References	~~(MISC) https://www.silverstripe.org/download/security-releases/cve-2020-25817 -~~	(MISC) https://www.silverstripe.org/download/security-releases/cve-2020-25817 - Broken Link
References	~~(MISC) https://www.silverstripe.org/blog/tag/release -~~	(MISC) https://www.silverstripe.org/blog/tag/release - Release Notes, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 3.5 v3 : 4.8
CPE		cpe:2.3:a:silverstripe:silverstripe:::::::: cpe:2.3:a:silverstripe:silverstripe:4.6.0:rc1::::::

08 Jun 2021, 20:15

Type	Values Removed	Values Added
References	{'url': 'https://www.silverstripe.org/download/security-releases/cve-2021-25817-xxe-vulnerability-in-css-contentparser', 'name': 'https://www.silverstripe.org/download/security-releases/cve-2021-25817-xxe-vulnerability-in-css-contentparser', 'tags': [], 'refsource': 'MISC'}	(MISC) https://www.silverstripe.org/download/security-releases/cve-2020-25817 -

08 Jun 2021, 18:58

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-06-08 18:15

Updated : 2023-12-10 13:55

NVD link : CVE-2020-25817

Mitre link : CVE-2020-25817

CVE.ORG link : CVE-2020-25817

JSON object : View

Products Affected

silverstripe

silverstripe

CWE

CWE-611

Improper Restriction of XML External Entity Reference

4.8 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

3.5 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2020-25817

4.8^/10

3.5^/10

Attach tags to `CVE-2020-25817`