CVE Vulnerability

CVE-2022-46181

Gotify server is a simple server for sending and receiving messages in real-time per WebSocket. Versions prior to 2.2.2 contain an XSS vulnerability that allows authenticated users to upload .html files. An attacker could execute client side scripts **if** another user opened a link. The attacker could potentially take over the account of the user that clicked the link. The Gotify UI won't natively expose such a malicious link, so an attacker has to get the user to open the malicious link in a context outside of Gotify. The vulnerability has been fixed in version 2.2.2. As a workaround, you can block access to non image files via a reverse proxy in the `./image` directory.

5.4 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://github.com/gotify/server/pull/535 Third Party Advisory
https://github.com/gotify/server/pull/534 Patch Third Party Advisory
https://github.com/gotify/server/security/advisories/GHSA-xv6x-456v-24xh Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:gotify:server:*:*:*:*:*:*:*:*
Information

Published : 2022-12-29 07:15

Updated : 2023-01-09 07:56

NVD link : CVE-2022-46181

Mitre link : CVE-2022-46181

Products Affected
No products.
CWE
CWE-79