Debian 11: DLA-3956-1 critical advisory for smarty3 XSS vulnerabilities

Debian LTS
November 17, 2024
Debian LTS has released an update for smarty3 addressing three vulnerabilities: two cross-site scripting (XSS) issues and one PHP code injection via template file names. Update your Debian 11 systems to protect your web applications from script injection and potential code execution.
Multiple vulnerabilities were discovered in smarty3, a widely used PHP templating engine, which potentially allow an attacker to perform an XSS (e.g. JavaScript or PHP code injecti...

Summary

CVE-2018-25047

In Smarty before 3.1.47 and 4.x before 4.2.1,
libs/plugins/function.mailto.php allows XSS. A web page that uses
smarty_function_mailto, and that could be parameterized using GET or
POST input parameters, could allow injection of JavaScript code by a
user.

CVE-2023-28447

In affected versions smarty did not properly escape javascript code.
An attacker could exploit this vulnerability to execute arbitrary
JavaScript code in the context of the user's browser session. This
may lead to unauthorized access to sensitive user data, manipulation
of the web application's behavior, or unauthorized actions performed
on behalf of the user. Users are advised to upgrade to either
version 3.1.48 or to 4.3.1 to resolve this issue. There are no known
workarounds for this vulnerability.

CVE-2024-35226

In affected versions template authors could inject php code by
choosing a malicious file name for an extends-tag. Sites that cannot


Severity: critical

Package: smarty3
Version: 3.1.39-2+deb11u2
CVE ID: CVE-2018-25047 CVE-2023-28447 CVE-2024-35226
Debian Bug: 1019897 1033964 1072530
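The practical question this advisory leaves to the reader is whether a given host is at or past the fixed version. The check below is an added example, not part of the DLA or of Debian's tooling: it re-implements dpkg's version ordering in pure Python (so it can run off-box, e.g. over inventory exports) and applies it to constructed `dpkg-query -W -f='${Package} ${Version}\n'` lines. The fixed Debian version comes from the advisory's Version field; the upstream thresholds are only the ones the CVE text above states (3.1.47/4.2.1 for CVE-2018-25047, 3.1.48/4.3.1 for CVE-2023-28447). The upstream fix for CVE-2024-35226 is not given on this page, so it is deliberately not encoded.

```python
"""Check whether smarty3 is at or past the DLA-3956-1 fixed version.

Added example (not the advisory's or Debian's own code). dpkg version ordering
is re-implemented here so the check runs without dpkg being installed.
"""

FIXED_DEB11 = "3.1.39-2+deb11u2"  # "Version:" field of DLA-3956-1

# Upstream fix versions stated in the advisory's CVE text. CVE-2024-35226 is
# omitted on purpose: the page does not state its upstream fix version.
UPSTREAM_FIXES = {
    "CVE-2018-25047": {"3": "3.1.47", "4": "4.2.1"},
    "CVE-2023-28447": {"3": "3.1.48", "4": "4.3.1"},
}


def _isdigit(c: str) -> bool:
    return "0" <= c <= "9"


def _order(c: str) -> int:
    """dpkg character weight: '~' sorts before everything, even end of string;
    ASCII letters by code point; other punctuation after all letters."""
    if c == "~":
        return -1
    if _isdigit(c):
        return 0
    if c.isascii() and c.isalpha():
        return ord(c)
    return ord(c) + 256


def _verrevcmp(a: str, b: str) -> int:
    """Compare one component (upstream or Debian revision) as dpkg does:
    alternate runs of non-digits (by _order) and digits (numerically)."""
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        while (i < len(a) and not _isdigit(a[i])) or (j < len(b) and not _isdigit(b[j])):
            ac = _order(a[i]) if i < len(a) else 0
            bc = _order(b[j]) if j < len(b) else 0
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        while i < len(a) and a[i] == "0":  # leading zeros are insignificant
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and j < len(b) and _isdigit(a[i]) and _isdigit(b[j]):
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and _isdigit(a[i]):  # longer digit run wins
            return 1
        if j < len(b) and _isdigit(b[j]):
            return -1
        if first_diff:
            return first_diff
    return 0


def _split(version: str):
    """Split '[epoch:]upstream[-revision]' into its three parts."""
    epoch = 0
    if ":" in version:
        e, version = version.split(":", 1)
        epoch = int(e)
    if "-" in version:
        upstream, _, revision = version.rpartition("-")
    else:
        upstream, revision = version, ""
    return epoch, upstream, revision


def compare_versions(v1: str, v2: str) -> int:
    """<0, 0 or >0, matching `dpkg --compare-versions v1 lt|eq|gt v2`."""
    e1, u1, r1 = _split(v1)
    e2, u2, r2 = _split(v2)
    if e1 != e2:
        return e1 - e2
    return _verrevcmp(u1, u2) or _verrevcmp(r1, r2)


def needs_dla_3956_update(dpkg_line: str) -> bool:
    """True if a 'smarty3 <version>' line from dpkg-query is below the fix."""
    package, installed = dpkg_line.split()
    if package != "smarty3":
        raise ValueError(f"not a smarty3 line: {dpkg_line!r}")
    return compare_versions(installed, FIXED_DEB11) < 0


def open_upstream_cves(smarty_version: str) -> list:
    """For a vendored (non-Debian) Smarty 3.x or 4.x, list the CVEs from this
    advisory whose stated upstream fix version has not been reached."""
    branch = smarty_version.split(".", 1)[0]
    return [cve for cve, fixes in UPSTREAM_FIXES.items()
            if branch in fixes and compare_versions(smarty_version, fixes[branch]) < 0]


# Constructed sample of dpkg-query output (not captured from a real host).
SAMPLE_DPKG_LINES = ["smarty3 3.1.39-2+deb11u1", "smarty3 3.1.39-2+deb11u2"]

if __name__ == "__main__":
    for line in SAMPLE_DPKG_LINES:
        print(line, "-> update needed" if needs_dla_3956_update(line) else "-> fixed")
    print("vendored Smarty 3.1.47 still open:", open_upstream_cves("3.1.47"))
```

Do not feed the Debian package version to open_upstream_cves: Debian backports fixes into 3.1.39-2+deb11u2 without bumping the upstream part, so only the dpkg comparison against the advisory's Version field is meaningful for the packaged copy. The upstream thresholds are for applications that vendor Smarty themselves (for example via Composer), which this Debian update does not touch.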
