SB2022100542 - Multiple vulnerabilities in IonicaBizau parse-url for Node.js

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Cross-site scripting (CVE-ID: CVE-2022-2217)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

2) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2022-2216)

The disclosed vulnerability allows a remote attacker to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input caused by an improper handling of username and password. A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.

Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.

3) Cross-site scripting (CVE-ID: CVE-2022-2218)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

4) Information disclosure (CVE-ID: CVE-2022-0722)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker can gain unauthorized access to cookies from another domain.

Remediation

Install update from vendor's website.

References

• https://github.com/ionicabizau/parse-url/commit/21c72ab9412228eea753e2abc48f8962707b1fe3
• https://huntr.dev/bounties/4e046c63-b1ca-4bcc-b418-29796918a71b
• https://huntr.dev/bounties/505a3d39-2723-4a06-b1f7-9b2d133c92e1
• https://huntr.dev/bounties/024912d3-f103-4daf-a1d0-567f4d9f2bf5
• https://huntr.dev/bounties/2490ef6d-5577-4714-a4dd-9608251b4226