CVE-2021-43862

描述

### Impact This is low impact and limited XSS, because code for XSS payload is always visible, but attacker can use other techniques to hide the code the victim sees. Also if the application use execHash option and execute code from URL the attacker can use this URL to execute his code. The scope is limited because the javascript code inside html attribute used is added to span tag, so no automatic execution like with `onerror` on images is possible. ### Patches Fixed version 2.31.1 ### Workarounds The user can use formatting that wrap whole user input and it's no op. ```javascript $.terminal.new_formatter([/([\s\S]+)/g, '[[;;]$1]']); ``` The fix will only work when user of the library is not using different formatters (e.g. to highlight code in different way). ### References The issue was reported here [jcubic/jquery.terminal#727](https://github.com/jcubic/jquery.terminal/issues/727) ### For more information If you have any questions or comments about this advisory: * Open an issue in [jcubic/jquery.terminal](https://github.com/jcubic/jquery.terminal) * Email us at [[email protected]](mailto:[email protected])

如何修補 CVE-2021-43862

要修補 CVE-2021-43862,請將受影響套件升級到下列已修補版本。

• —升級至 2.31.1 或更新版本

CVE-2021-43862 正在被利用嗎?

低 — EPSS 為 0.3%,目前沒有觀察到大規模利用活動。

受影響套件(1)

• from 0, < 2.31.1

CVSS 分數

參考連結(6)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2021-43862
• WEBgithub.com/jcubic/jquery.terminal
• WEBgithub.com/jcubic/jquery.terminal/commit/77eb044d0896e990d48a9157f0bc6648f81a84b5
• WEBgithub.com/jcubic/jquery.terminal/issues/727