PT-2026-23900 · Packagist · Craftcms/Cms
Published 2026-02-25 · Updated 2026-02-25
CVSS v4.0: 2.3 (Low)
| Vector | AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
A stored Cross-site Scripting (XSS) vulnerability exists in the editableTable.twig component when using the Row Heading column type. The application fails to sanitize input within row headings, allowing an attacker to execute arbitrary JavaScript when another user views a page with the malicious table field.

Prerequisites
- An administrator account
- allowAdminChanges must be enabled in production, which is against security recommendations.
Steps to Reproduce
- Navigate to Settings → Fields and create a new field with Type: Table
- Add a Column Heading and set Column Type to Row Heading
- In the Default Values section, add a row with the following payload:

```html
<img src=x onerror="alert('XSS')">
```

- Enable Static Rows
- Use the field in any object (e.g., user profile fields), then visit any user's profile
- Notice the XSS execution
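The rendering difference behind the steps above, as an added example in JavaScript that is not Craft CMS code: a hypothetical table renderer emits the Row Heading cell either verbatim (the stored-XSS condition) or HTML-escaped, and a small check lists any tag in the output that the renderer itself did not emit. The renderer, the `foreignTags` check and the row data are assumptions for illustration; only the payload comes from the advisory.

```javascript
// Added example (not Craft CMS code): models how a table field's "Row Heading"
// column might be rendered with and without HTML escaping of the stored value.

// The payload from the advisory's reproduction steps.
const PAYLOAD = `<img src=x onerror="alert('XSS')">`;

// Entity-encode the five characters that matter in HTML text and attribute context.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#039;");
}

// Hypothetical renderer. `rows` is [{ heading, cells: [...] }]. Data cells are
// always escaped; whether the row heading is escaped is the flag under test.
function renderTable(rows, { escapeHeadings }) {
  const out = ["<table>"];
  for (const row of rows) {
    const heading = escapeHeadings ? escapeHtml(row.heading) : row.heading;
    const cells = row.cells.map((c) => `<td>${escapeHtml(c)}</td>`).join("");
    out.push(`<tr><th scope="row">${heading}</th>${cells}</tr>`);
  }
  out.push("</table>");
  return out.join("\n");
}

// Check: list every tag name in the output that the renderer itself does not
// emit. Escaped input cannot produce a tag because "<" has become "&lt;".
function foreignTags(html, allowed = ["table", "tr", "th", "td"]) {
  const found = new Set();
  for (const m of html.matchAll(/<\/?([a-z][a-z0-9]*)/gi)) {
    const name = m[1].toLowerCase();
    if (!allowed.includes(name)) found.add(name);
  }
  return [...found];
}

// Constructed row data: the attacker's default value sits in the heading column.
const ROWS = [{ heading: PAYLOAD, cells: ["Monday"] }];

function vulnerableOutput() {
  return renderTable(ROWS, { escapeHeadings: false });
}

function fixedOutput() {
  return renderTable(ROWS, { escapeHeadings: true });
}

console.log("unescaped heading introduces:", foreignTags(vulnerableOutput())); // [ 'img' ]
console.log("escaped heading introduces:", foreignTags(fixedOutput())); // []
```

The check is deliberately structural rather than a search for `onerror`: the escaped output still contains the literal text `onerror=`, but no browser will treat it as an attribute because the `<` that opened the tag has been encoded. That is why output encoding of the heading, not a blocklist on the stored value, is the fix that matters.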
Resources
- Fix
- XSS
Weakness Enumeration
Related identifiers
Affected products
Craftcms/Cms