CVE-2022-26156

Name of the Vulnerable Software and Affected Versions Cherwell Service Management (CSM) version 10.2.3

Description An issue was discovered in the web application where injection of a malicious payload within the RelayState= parameter of the HTTP request body results in the hijacking of the form action. This occurs when the application places user-supplied input into the action URL of an HTML form. An attacker can use this to construct a URL that, if visited by another application user, will modify the action URL of a form to point to the attacker's server.

Recommendations For Cherwell Service Management (CSM) version 10.2.3, as a temporary workaround, consider restricting the use of the RelayState= parameter in the HTTP request body until a patch is available. Avoid using the RelayState= parameter in the affected HTTP request body to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.