Platform: other
Component: fluig-platform
Fixed in: 1.6.1, 1.7.1, 1.8.1, 1.8.2
CVE-2023-6275 is a cross-site scripting (XSS) vulnerability affecting TOTVS Fluig Platform versions up to 1.8.1. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users, potentially leading to session hijacking or defacement. The vulnerability resides in the /mobileredir/openApp.jsp file and is triggered by manipulating the redirectUrl/user parameter. Affected users should upgrade to version 1.7.1-231128, 1.8.0-231127, or 1.8.1-231127.
Successful exploitation of CVE-2023-6275 enables an attacker to execute arbitrary JavaScript code within the context of a user's browser session on the Fluig Platform. This can lead to a variety of malicious actions, including stealing session cookies, redirecting users to phishing sites, or modifying the content of web pages. The impact is particularly severe if the Fluig Platform is used to manage sensitive data or critical business processes, as an attacker could potentially gain unauthorized access to this information. The vulnerability's remote accessibility significantly expands the potential attack surface, as it can be exploited from anywhere with network access to the platform.
CVE-2023-6275 has been publicly disclosed and a proof-of-concept may be available. While the CVSS score is LOW, the ease of exploitation and potential impact warrant immediate attention. The vulnerability was published on 2023-11-24. There is no indication of active exploitation campaigns at this time, but the public disclosure increases the risk of opportunistic attacks.
Exploit Status
EPSS: 52.49% (98th percentile)
CVSS Vector
The primary mitigation for CVE-2023-6275 is to upgrade to a patched version of TOTVS Fluig Platform: 1.7.1-231128, 1.8.0-231127, or 1.8.1-231127. If immediate upgrading is not possible, consider implementing temporary workarounds such as input validation and output encoding on the redirectUrl/user parameter. Web application firewalls (WAFs) configured to detect and block XSS payloads can also provide an additional layer of defense. Carefully review and sanitize all user-supplied input before rendering it in web pages. After upgrading, confirm the fix by attempting to trigger the vulnerability with the original payload and verifying that the script is not executed.
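The two workarounds named above (allowlist validation of the redirect target and output encoding before it is reflected into the page) are shown below as an added example. This is not Fluig code and does not reproduce openApp.jsp: the page template, the default landing path and the function names are constructed stand-ins that put a redirect parameter into an href attribute and a user parameter into text content, which is the general pattern behind a reflected XSS in a redirect helper.

```python
import html
from urllib.parse import urlsplit

# Constructed default landing path; Fluig's real one is not on the page.
DEFAULT_REDIRECT = "/mobile/home"

# Constructed stand-in for the markup a redirect page might emit: the
# redirect lands in an attribute value, the user name in text content.
PAGE_TEMPLATE = '<a id="open" href="{redirect}">Open app, {user}</a>'


def is_safe_redirect(value):
    """Allow only a same-site path: no scheme, no host, no control bytes,
    no backslashes (browsers treat "/\\host" like "//host")."""
    if not value or len(value) > 2048:
        return False
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in value):
        return False
    if "\\" in value or not value.startswith("/") or value.startswith("//"):
        return False
    parts = urlsplit(value)
    # "javascript:..." carries a scheme, "//host" a netloc; both are rejected.
    return not parts.scheme and not parts.netloc


def render_vulnerable(redirect, user):
    """Reflects both parameters unencoded: the defect class the advisory describes."""
    return PAGE_TEMPLATE.format(redirect=redirect, user=user)


def render_hardened(redirect, user):
    """Validate the redirect against the allowlist, fall back to a fixed
    default otherwise, then HTML-encode both values for their contexts.
    Encoding is applied even to an accepted path, since validation only
    constrains where the link goes, not which characters it contains."""
    target = redirect if is_safe_redirect(redirect) else DEFAULT_REDIRECT
    return PAGE_TEMPLATE.format(
        redirect=html.escape(target, quote=True),
        user=html.escape(user, quote=True),
    )


if __name__ == "__main__":
    # Constructed inputs: a harmless path, an off-site URL and a markup-breaking value.
    for value in ["/mobile/home?x=1", "https://evil.example/", '/x"><b>']:
        print(value, "->", render_hardened(value, "bob"))
```

Validation and encoding address different failures: the allowlist stops the parameter from steering the user off-site or into a javascript: URL, while attribute-context encoding stops a value that passed validation from closing the attribute and injecting markup. A WAF rule that matches on script tags covers neither case fully, so it belongs in front of, not instead of, these two checks.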
Upgrade to versions 1.7.1-231128, 1.8.0-231127, or 1.8.1-231127, or a later version. These versions contain the fix for the XSS vulnerability. It is recommended to update the affected component as soon as possible.
CVE-2023-6275 is a cross-site scripting (XSS) vulnerability in TOTVS Fluig Platform versions up to 1.8.1, allowing attackers to inject malicious scripts.
If you are using TOTVS Fluig Platform version 1.8.1 or earlier, you are potentially affected by this vulnerability.
Upgrade to version 1.7.1-231128, 1.8.0-231127, or 1.8.1-231127 to address the vulnerability.
While there's no confirmed active exploitation, the public disclosure increases the risk of opportunistic attacks.
Refer to the official TOTVS security advisory for detailed information and updates regarding CVE-2023-6275.