CVE-2023-48226

Published: Nov 21, 2023Modified: Nov 21, 2024

3.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Exploitability: 2.1 / Impact: 1.4

Source: NVD

Description

OpenReplay is a self-hosted session replay suite. In version 1.14.0, due to lack of validation Name field - Account Settings (for registration looks like validation is correct), a bad actor can send emails with HTML injected code to the victims. Bad actors can use this to phishing actions for example. Email is really send from OpenReplay, but bad actors can add there HTML code injected (content spoofing). Please notice that during Registration steps for FullName looks like is validated correct - can not type there, but using this kind of bypass/workaround - bad actors can achieve own goal. As of time of publication, no known fixes or workarounds are available.

Affected (1)

Products: Openreplay: Openreplay

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Openreplay Openreplay	Before 1.15.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (10)

https://bugcrowd.com/vulnerability-rating-taxonomy

Source: security-advisories@github.com

Third Party Advisory

https://capec.mitre.org/data/definitions/242.html

Source: security-advisories@github.com

Technical Description

https://cwe.mitre.org/data/definitions/20.html

Source: security-advisories@github.com

Technical Description

https://github.com/openreplay/openreplay/blob/main/api/chalicelib/utils/html/invitation.html#L421

Source: security-advisories@github.com

Product

https://github.com/openreplay/openreplay/security/advisories/GHSA-xpfv-454c-3fj4

Source: security-advisories@github.com

ExploitVendor Advisory

https://bugcrowd.com/vulnerability-rating-taxonomy

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://capec.mitre.org/data/definitions/242.html

Source: af854a3a-2127-422b-91ae-364da2661108

Technical Description

https://cwe.mitre.org/data/definitions/20.html

Source: af854a3a-2127-422b-91ae-364da2661108

Technical Description

https://github.com/openreplay/openreplay/blob/main/api/chalicelib/utils/html/invitation.html#L421

Source: af854a3a-2127-422b-91ae-364da2661108

Product

https://github.com/openreplay/openreplay/security/advisories/GHSA-xpfv-454c-3fj4

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

Timeline

No history available yet.