CVE-2021-23648: Stored XSS in @braintree/sanitize-url Package

Vulnerability: Cross-site Scripting (XSS) Affected Package: Affected Versions: Introduced Date: 14 Jan 2022 CVE Identifier: CVE-2021-23648 Severity: Medium (5.4) Exploit Maturity: Proof of Concept EPSS: 0.12% (33rd percentile) CVSS Base Score: - Snyk: 5.4 - NVD: 6.1 - Red Hat: 5.4 Description The package is vulnerable to Cross-site Scripting (XSS) due to improper sanitization in the function. Affected versions of this package allow an attacker to inject malicious scripts into web applications, which can be executed by the user's browser when interacting with the compromised website. Proof of Concept (PoC) The screenshot contains a code snippet demonstrating how an attacker can exploit the vulnerability by injecting malicious JavaScript into the function. Affected Environments Web servers Application servers Web application environments Types of Attacks Stored: Malicious code is inserted by the attacker and activated when a user clicks a link. Reflected: Malicious code is sent to the vulnerable web site and reflected back to the user's browser. DOM-based: Malicious page is rendered by the user's browser. Mutated: Malicious code appears safe but is rewritten and modified by the browser. Prevention Sanitize data input. Convert special characters. Offer users the option to disable client-side scripts. Redirect invalid requests. Detect simultaneous logins. Use a Content Security Policy. Understand which elements allow for embedded HTML. Additional Information Snyk ID: SNYK-JS-BRAINTREESANITIZEURL-2339882 Published Date: 8 Mar 2022 Disclosed Date: 14 Jan 2022 Credit: Bob "Wombat" Hogg References: GitHub Commit, GitHub PR, Vulnerable Code

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-23648: Stored XSS in @braintree/sanitize-url Package