GHSA SYNC: 1 brand new advisory

jasnow · postmodern · commit 4d49a956e24b · 2025-03-29T20:51:00.000-07:00
diff --git a/gems/publify_core/CVE-2024-39311.yml b/gems/publify_core/CVE-2024-39311.yml
@@ -0,0 +1,42 @@
+---
+gem: publify_core
+cve: 2024-39311
+ghsa: 8fm5-gg2f-f66q
+url: https://github.com/publify/publify/security/advisories/GHSA-8fm5-gg2f-f66q
+title: Publify Vulnerable To Cross-Site Scripting (XSS) Via
+  Redirects Requiring User Interaction
+date: 2025-03-28
+description: |
+  ### Summary
+
+  A publisher on a `publify` application is able to perform a cross-site
+  scripting attack on an administrator using the redirect functionality.
+
+  ### Details
+
+  A publisher on a `publify` application is able to perform a cross-site
+  scripting attack on an administrator using the redirect functionality.
+  The exploitation of this XSS vulnerability requires the administrator
+  to click a malicious link.
+
+  We can create a redirect to a `javascript:alert()` URL. Whilst the
+  redirect itself doesn't work, on the administrative panel, an a tag
+  is created with the payload as the URI. Upon clicking this link,
+  the XSS is triggered.
+
+  An attack could attempt to hide their payload by using HTML, or
+  other encodings, as to not make it obvious to an administrator
+  that this is a malicious link.
+
+  ### Impact
+
+  A publisher may attempt to use this vulnerability to escalate their
+  privileges and become an administrator."
+cvss_v4: 1.8
+patched_versions:
+  - ">= 10.0.2"
+related:
+  url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-39311
+    - https://github.com/publify/publify/security/advisories/GHSA-8fm5-gg2f-f66q
+    - https://github.com/advisories/GHSA-8fm5-gg2f-f66q
