CVE-2026-5468 · CVSS 3.5 (LOW)

Casdoor vulnerable to Stored XSS via Application formCss / formSideHtml


Platform

go

Component

github.com/casdoor/casdoor

Fixed in

2.356.1

1.1000.1

AI Confidence: high · NVD · EPSS 0.0% · Assessed: May 2026

A cross-site scripting (XSS) vulnerability has been identified in Casdoor versions up to 1.1000.0. This flaw resides within the dangerouslySetInnerHTML function, allowing attackers to inject malicious scripts by manipulating the formCss, formCssMobile, or formSideHtml arguments. The vulnerability can be exploited remotely and a public proof-of-concept is available, posing a significant risk to deployments. A fix is expected from the vendor.


Impact and Attack Scenarios

Successful exploitation of CVE-2026-5468 allows an attacker to inject arbitrary JavaScript code into a user's browser session within the Casdoor application. This can lead to a variety of malicious actions, including session hijacking, credential theft, and defacement of the application's user interface. The attacker could potentially gain access to sensitive user data or compromise the entire Casdoor instance, depending on the privileges of the affected user. The availability of a public exploit significantly increases the likelihood of widespread exploitation.

Exploitation Context

CVE-2026-5468 has been publicly disclosed and a proof-of-concept exploit is available, indicating a high probability of exploitation. The vulnerability was reported on 2026-04-03. The vendor was contacted but did not respond. The vulnerability is not currently listed on CISA KEV, but its public nature warrants close monitoring.

Who Is at Risk

Organizations utilizing Casdoor for authentication and authorization, particularly those relying on custom themes or configurations that leverage the dangerouslySetInnerHTML function, are at risk. Shared hosting environments where multiple applications share the same Casdoor instance are also vulnerable, as a compromise of one application could potentially impact others.

Detection Steps

• go / server (search log contents, not just file names, for the rendering path named in the advisory):

find /var/log/casdoor -type f -name '*.log' -exec grep -il 'dangerouslySetInnerHTML' {} +

• generic web (check whether the instance sends a Content-Security-Policy header at all):

curl -sI <casdoor_url>/ | grep -i 'content-security-policy'

Attack Timeline

  1. Disclosure

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No
Internet exposure: High

EPSS

0.03% (7th percentile)

CISA SSVC

Exploitation: none
Automatable: no
Technical Impact: partial

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N (CVSS v3.1 base score 3.5, LOW; source: nextguardhq.com)

What do these metrics mean?
Attack Vector: Network. How the attacker reaches the target: exploitable remotely over the internet, no physical or local access required.
Attack Complexity: Low. Conditions required to exploit: no special preconditions, reliably exploitable.
Privileges Required: Low. Authentication level required for the attack: any valid user account is sufficient.
User Interaction: Required. Whether the victim must act: the victim has to open a file, click a link, or visit a page.
Scope: Unchanged. Impact beyond the affected component: limited to the vulnerable component.
Confidentiality: None. Risk of exposure of sensitive data: no confidentiality impact.
Integrity: Low. Risk of unauthorised data modification: the attacker can modify some data of limited extent.
Availability: None. Risk of service disruption: no availability impact.

Affected Software

Component: github.com/casdoor/casdoor
Vendor: osv

Affected range        Fixed in
2.356.0 – 2.356.0     2.356.1
1.1000.0              1.1000.1

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated
No patch: 51 days after disclosure

Mitigation and Workarounds

The primary mitigation for CVE-2026-5468 is to upgrade to a patched version of Casdoor. Unfortunately, a specific fixed version is not yet available. Until a patch is released, consider implementing input validation and sanitization on the formCss, formCssMobile, and formSideHtml parameters to prevent malicious code injection. Web application firewalls (WAFs) configured to detect and block XSS payloads can provide an additional layer of defense. Monitor Casdoor logs for suspicious activity, particularly related to user input and rendering of HTML content.
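One way to implement the server-side validation the paragraph above recommends for the CSS fields, as an added example that is not Casdoor's own code: a fail-closed check for a formCss / formCssMobile value before it is stored, which rejects anything that could break out of the <style> context or execute or load attacker-controlled content. The function name ValidateCustomCSS and the policy it enforces are assumptions; formSideHtml is HTML rather than CSS and needs a real allowlist HTML sanitizer, which this example does not cover.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Constructed example, not Casdoor's own code: a fail-closed validator for a
// custom-CSS field (formCss / formCssMobile) that the application will later
// render inside a <style> element. It blocks the two ways such a field turns
// into script injection: breaking out of the <style> context with "<", and
// CSS constructs that execute or load attacker-controlled content.
var (
	cssCommentRe = regexp.MustCompile(`(?s)/\*.*?\*/`)
	// Script-bearing or remote-loading constructs, legacy ones included.
	forbiddenRe = regexp.MustCompile(`(?i)(expression\s*\(|javascript\s*:|vbscript\s*:|behavior\s*:|-moz-binding\s*:|@import)`)
	urlRe       = regexp.MustCompile(`(?i)url\s*\(\s*['"]?\s*([^'")]*)`)
)

// ValidateCustomCSS returns nil when css is acceptable under this policy, or
// an error naming the first violation. Comments are stripped first so that
// "exp/**/ression(" is judged like "expression(". The policy deliberately
// rejects some input that no current browser would execute.
func ValidateCustomCSS(css string) error {
	// A <style> block ends at the first "</style", and legitimate CSS never
	// needs "<". Backslash escapes can hide keywords from string matching
	// ("\6A avascript:"), so they are refused outright as well.
	if strings.ContainsAny(css, "<\\") {
		return errors.New("custom CSS must not contain '<' or backslash escapes")
	}
	stripped := cssCommentRe.ReplaceAllString(css, "")
	if m := forbiddenRe.FindString(stripped); m != "" {
		return fmt.Errorf("custom CSS contains forbidden construct %q", strings.TrimSpace(m))
	}
	// url() may only point at a same-origin path or an https resource:
	// data:, javascript:, and protocol-relative (//host) URLs are refused.
	for _, m := range urlRe.FindAllStringSubmatch(stripped, -1) {
		u := strings.ToLower(strings.TrimSpace(m[1]))
		sameOrigin := strings.HasPrefix(u, "/") && !strings.HasPrefix(u, "//")
		if !sameOrigin && !strings.HasPrefix(u, "https://") {
			return fmt.Errorf("custom CSS url() must be a same-origin path or https URL, got %q", u)
		}
	}
	return nil
}
```

Run the check in the handler that saves the application record and reject the request on error; pairing it with a Content-Security-Policy that does not allow inline script limits the damage if a value still slips through.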

How to Fix

Update Casdoor to a version later than 2.356.0 that fixes the Cross-Site Scripting (XSS) vulnerability in the dangerouslySetInnerHTML function. Since no specific version is mentioned as fixed, it is recommended to contact the vendor to obtain an updated version or to apply a patch that mitigates the vulnerability.


Frequently Asked Questions

What is CVE-2026-5468 — XSS in Casdoor?

CVE-2026-5468 is a cross-site scripting (XSS) vulnerability in Casdoor versions up to 1.1000.0, affecting the dangerouslySetInnerHTML function and allowing remote code execution.

Am I affected by CVE-2026-5468 in Casdoor?

You are affected if you are using Casdoor versions 1.1000.0 or earlier. The vulnerability allows remote exploitation via manipulation of HTML parameters.

How do I fix CVE-2026-5468 in Casdoor?

Upgrade to a patched version of Casdoor as soon as it becomes available. Until then, implement input validation and sanitization and consider WAF rules.

Is CVE-2026-5468 being actively exploited?

A public proof-of-concept exploit exists, indicating a high probability of active exploitation. Monitor your Casdoor instance closely.

Where can I find the official Casdoor advisory for CVE-2026-5468?

Check the Casdoor GitHub repository and official documentation for updates and security advisories regarding CVE-2026-5468.
