Multiple vulnerabilities in vega
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2023-26487 CVE-2023-26486 |
| CWE-ID | CWE-79 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. |
| Vulnerable software Subscribe |
vega Web applications / JS libraries |
| Vendor | Vega |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Cross-site scripting
EUVDB-ID: #VU73795
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2023-26487
CWE-ID:
Exploit availability:
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in "lassoAppend" function. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsvega: 5.0.0 - 5.22.1
Fixed software versionsCPE2.3 External links
http://github.com/vega/vega/releases/tag/v5.23.0
http://github.com/vega/vega/commit/01adb034f24727d3bb321bbbb6696a7f4cd91689
http://github.com/vega/vega/security/advisories/GHSA-w5m3-xh75-mp55
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
2) Cross-site scripting
EUVDB-ID: #VU73798
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2023-26486
CWE-ID:
Exploit availability:
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in "scale" expression function. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsvega: 5.0.0 - 5.22.1
Fixed software versionsCPE2.3 External links
http://github.com/vega/vega/releases/tag/v5.23.0
http://github.dev/vega/vega/blob/72b9b3bbf912212e7879b6acaccc84aff969ef1c/packages/vega-functions/src/functions/scale.js#L36-L37
http://github.dev/vega/vega/blob/72b9b3bbf912212e7879b6acaccc84aff969ef1c/packages/vega-functions/src/scales.js#L6
http://github.com/vega/vega/security/advisories/GHSA-4vq7-882g-wcg4
http://vega.github.io/editor/#/url/vega/N4IgJAzgxgFgpgWwIYgFwhgF0wBwqgegIDc4BzJAOjIEtMYBXAI0poHsDp5kTykSArJQBWENgDsQAGhAATJJhSoA2qHFIEcNCAAaAZT0ACAApsAwtJDEkAGwZwIaZQEYAujMwAnJOIgAzNk8EJ1BMAE8cLXQAoIYbFBkkR3QNNgZxTEs4AA8cT21oWzgACgByP3SoUqlDcTibGsNgKAlMHMxUJsKbB07gCvEoPus7OE7ukvLK6sNSuBHihTYmYoAdEABNAHVsmyhxAEU2AFk9AGsAdnWASmuZ5tb2von8JoGhppH7TuVXShbfF4GFBMIF-hIIECQYEAL5wmHXeEIkAw1yomFAA
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
