{
  "url": "http://public2.vulnerablecode.io/api/packages/33010?format=json",
  "purl": "pkg:composer/ibexa/fieldtype-richtext@4.6.0",
  "type": "composer",
  "namespace": "ibexa",
  "name": "fieldtype-richtext",
  "version": "4.6.0",
  "qualifiers": {},
  "subpath": "",
  "is_vulnerable": true,
  "next_non_vulnerable_version": "4.6.25",
  "latest_non_vulnerable_version": "5.0.3",
  "affected_by_vulnerabilities": [
    {
      "url": "http://public2.vulnerablecode.io/api/vulnerabilities/360493?format=json",
      "vulnerability_id": "VCID-1k32-w6cf-vqbt",
      "summary": "ibexa/fieldtype-richtext allows access to external entities in XML\n### Impact\nThis security advisory resolves a vulnerability in the RichText field type. By entering a maliciously crafted input into the RichText XML, an attacker could perform an attack using XML external entity (XXE) injection, which might be able to read files on the server. To exploit this vulnerability the attacker would need to already have edit permission to content with RichText fields, which typically means Editor role or higher. The fix removes unsafe elements from XML code, while preserving safe elements.\n\nIf you have a stored XXE attack in your content drafts, the fix prevents it from extracting data both during editing and preview. However, if such an attack has already been published and the result is stored in the content, it is unfortunately not possible to detect and remove it by automatic means.\n\n### Credits\nThis vulnerability was discovered and reported to Ibexa by Dennis Henke, Thorsten Niephaus, Marat Aytuganov, and Stephan Sekula of [Compass Security Deutschland GmbH](https://www.compass-security.com/en/). We thank them for reporting it responsibly to us.\n\n### Patches\n- See \"Patched versions\"\n- https://github.com/ibexa/fieldtype-richtext/commit/823cba6b5ee2e81d7d74e622ce42c1451e8e1337\n\n### Workarounds\n- Exploitation requires edit access to RichText content. If you can trust your editors, and you don't grant edit permission to any externals, you are not at risk in practice.\n\n### References\n- https://developers.ibexa.co/security-advisories/ibexa-sa-2025-002-xxe-vulnerability-in-richtext",
      "references": [
        {
          "reference_url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2025-002-xxe-vulnerability-in-richtext",
          "reference_id": "",
          "reference_type": "",
          "scores": [
            {"value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},
            {"value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2025-002-xxe-vulnerability-in-richtext"
        },
        {
          "reference_url": "https://github.com/ibexa/fieldtype-richtext",
          "reference_id": "",
          "reference_type": "",
          "scores": [
            {"value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},
            {"value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://github.com/ibexa/fieldtype-richtext"
        },
        {
          "reference_url": "https://github.com/ibexa/fieldtype-richtext/commit/823cba6b5ee2e81d7d74e622ce42c1451e8e1337",
          "reference_id": "",
          "reference_type": "",
          "scores": [
            {"value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},
            {"value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://github.com/ibexa/fieldtype-richtext/commit/823cba6b5ee2e81d7d74e622ce42c1451e8e1337"
        },
        {
          "reference_url": "https://github.com/ibexa/fieldtype-richtext/security/advisories/GHSA-cj3w-g42v-wcj6",
          "reference_id": "",
          "reference_type": "",
          "scores": [
            {"value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},
            {"value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://github.com/ibexa/fieldtype-richtext/security/advisories/GHSA-cj3w-g42v-wcj6"
        },
        {
          "reference_url": "https://github.com/advisories/GHSA-cj3w-g42v-wcj6",
          "reference_id": "GHSA-cj3w-g42v-wcj6",
          "reference_type": "",
          "scores": [],
          "url": "https://github.com/advisories/GHSA-cj3w-g42v-wcj6"
        }
      ],
      "fixed_packages": [
        {
          "url": "http://public2.vulnerablecode.io/api/packages/376314?format=json",
          "purl": "pkg:composer/ibexa/fieldtype-richtext@4.6.19",
          "is_vulnerable": true,
          "affected_by_vulnerabilities": [
            {"vulnerability": "VCID-1p5b-jzea-7yc1"},
            {"vulnerability": "VCID-ay2b-qhps-wqh7"}
          ],
          "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ibexa/fieldtype-richtext@4.6.19"
        }
      ],
      "aliases": ["GHSA-cj3w-g42v-wcj6"],
      "risk_score": null,
      "exploitability": null,
      "weighted_severity": null,
      "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1k32-w6cf-vqbt"
    },
    {
      "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212305?format=json",
      "vulnerability_id": "VCID-1p5b-jzea-7yc1",
      "summary": "ibexa/fieldtype-richtext has an XSS vulnerability via acronym custom tag in Rich Text",
      "references": [
        {
          "reference_url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2025-004-xss-and-enumeration-vulnerabilities-in-back-office",
          "reference_id": "",
          "reference_type": "",
          "scores": [
            {"value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},
            {"value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2025-004-xss-and-enumeration-vulnerabilities-in-back-office"
        },
        {
          "reference_url": "https://github.com/ibexa/fieldtype-richtext",
          "reference_id": "",
          "reference_type": "",
          "scores": [
            {"value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},
            {"value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://github.com/ibexa/fieldtype-richtext"
        },
        {
          "reference_url": "https://github.com/advisories/GHSA-8c2g-f8jm-5cr7",
          "reference_id": "GHSA-8c2g-f8jm-5cr7",
          "reference_type": "",
          "scores": [
            {"value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": ""}
          ],
          "url": "https://github.com/advisories/GHSA-8c2g-f8jm-5cr7"
        },
        {
          "reference_url": "https://github.com/ibexa/fieldtype-richtext/security/advisories/GHSA-8c2g-f8jm-5cr7",
          "reference_id": "GHSA-8c2g-f8jm-5cr7",
          "reference_type": "",
          "scores": [
            {"value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": ""},
            {"value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},
            {"value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://github.com/ibexa/fieldtype-richtext/security/advisories/GHSA-8c2g-f8jm-5cr7"
        }
      ],
      "fixed_packages": [
        {
          "url": "http://public2.vulnerablecode.io/api/packages/34604?format=json",
          "purl": "pkg:composer/ibexa/fieldtype-richtext@4.6.25",
          "is_vulnerable": false,
          "affected_by_vulnerabilities": [],
          "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ibexa/fieldtype-richtext@4.6.25"
        },
        {
          "url": "http://public2.vulnerablecode.io/api/packages/34606?format=json",
          "purl": "pkg:composer/ibexa/fieldtype-richtext@5.0.3",
          "is_vulnerable": false,
          "affected_by_vulnerabilities": [],
          "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ibexa/fieldtype-richtext@5.0.3"
        }
      ],
      "aliases": ["GHSA-8c2g-f8jm-5cr7"],
      "risk_score": 3.1,
      "exploitability": "0.5",
      "weighted_severity": "6.2",
      "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1p5b-jzea-7yc1"
    },
    {
      "url": "http://public2.vulnerablecode.io/api/vulnerabilities/360782?format=json",
      "vulnerability_id": "VCID-ay2b-qhps-wqh7",
      "summary": "Ibexa RichText Field Type XSS vulnerabilities in back office\n### Impact\nThis security advisory is a part of IBEXA-SA-2025-003, which resolves XSS vulnerabilities in several parts of the back office of Ibexa DXP. Back office access and varying levels of editing and management permissions are required to exploit these vulnerabilities. This typically means Editor or Administrator role, or similar. Injected XSS is persistent and can be reflected in the front office, possibly affecting end users. The fixes ensure XSS is escaped, and any existing injected XSS is rendered harmless.\n\n### Patches\n- See \"Patched versions\".\n- https://github.com/ibexa/fieldtype-richtext/commit/4a4a170c7faa4807ae0f74c581481b835bab3caf\n\n### Workarounds\nNone.",
      "references": [
        {
          "reference_url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2025-003-xss-vulnerabilities-in-back-office",
          "reference_id": "",
          "reference_type": "",
          "scores": [
            {"value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},
            {"value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2025-003-xss-vulnerabilities-in-back-office"
        },
        {
          "reference_url": "https://github.com/ibexa/fieldtype-richtext",
          "reference_id": "",
          "reference_type": "",
          "scores": [
            {"value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},
            {"value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://github.com/ibexa/fieldtype-richtext"
        },
        {
          "reference_url": "https://github.com/ibexa/fieldtype-richtext/commit/4a4a170c7faa4807ae0f74c581481b835bab3caf",
          "reference_id": "",
          "reference_type": "",
          "scores": [
            {"value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},
            {"value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://github.com/ibexa/fieldtype-richtext/commit/4a4a170c7faa4807ae0f74c581481b835bab3caf"
        },
        {
          "reference_url": "https://github.com/ibexa/fieldtype-richtext/security/advisories/GHSA-9qv6-4pwm-m68f",
          "reference_id": "",
          "reference_type": "",
          "scores": [
            {"value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},
            {"value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://github.com/ibexa/fieldtype-richtext/security/advisories/GHSA-9qv6-4pwm-m68f"
        },
        {
          "reference_url": "https://github.com/advisories/GHSA-9qv6-4pwm-m68f",
          "reference_id": "GHSA-9qv6-4pwm-m68f",
          "reference_type": "",
          "scores": [],
          "url": "https://github.com/advisories/GHSA-9qv6-4pwm-m68f"
        }
      ],
      "fixed_packages": [
        {
          "url": "http://public2.vulnerablecode.io/api/packages/378625?format=json",
          "purl": "pkg:composer/ibexa/fieldtype-richtext@4.6.21",
          "is_vulnerable": true,
          "affected_by_vulnerabilities": [
            {"vulnerability": "VCID-1p5b-jzea-7yc1"}
          ],
          "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ibexa/fieldtype-richtext@4.6.21"
        }
      ],
      "aliases": ["GHSA-9qv6-4pwm-m68f"],
      "risk_score": null,
      "exploitability": null,
      "weighted_severity": null,
      "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ay2b-qhps-wqh7"
    },
    {
      "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31876?format=json",
      "vulnerability_id": "VCID-b17j-485x-jfhs",
      "summary": "Ibexa RichText Field Type is a Field Type for supporting rich formatted text stored in a structured XML format. In versions on the 4.6 branch prior to 4.6.10, the validator for the RichText fieldtype blocklists `javascript:` and `vbscript:` in links to prevent XSS. This can leave other options open, and the check can be circumvented using upper case. Content editing permissions for RichText content is required to exploit this vulnerability, which typically means Editor role or higher. The fix implements an allowlist instead, which allows only approved link protocols. The new check is case insensitive. Version 4.6.10 contains a patch for this issue. No known workarounds are available.",
      "references": [
        {
          "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43369",
          "reference_id": "",
          "reference_type": "",
          "scores": [
            {"value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.46123", "published_at": "2026-06-11T12:55:00Z"}
          ],
          "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43369"
        },
        {
          "reference_url": "https://github.com/ibexa/fieldtype-richtext",
          "reference_id": "",
          "reference_type": "",
          "scores": [
            {"value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},
            {"value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://github.com/ibexa/fieldtype-richtext"
        },
        {
          "reference_url": "https://github.com/ibexa/fieldtype-richtext/commit/0a3b830e8806d5169f697351fdc48ffd95a25c67",
          "reference_id": "0a3b830e8806d5169f697351fdc48ffd95a25c67",
          "reference_type": "",
          "scores": [
            {"value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},
            {"value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": ""},
            {"value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-16T13:57:12Z/"}
          ],
          "url": "https://github.com/ibexa/fieldtype-richtext/commit/0a3b830e8806d5169f697351fdc48ffd95a25c67"
        },
        {
          "reference_url": "https://github.com/ibexa/fieldtype-richtext/commit/59e9c1a9da60597f60cf7338bf289dccaa7e27ca",
          "reference_id": "59e9c1a9da60597f60cf7338bf289dccaa7e27ca",
          "reference_type": "",
          "scores": [
            {"value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},
            {"value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": ""},
            {"value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-16T13:57:12Z/"}
          ],
          "url": "https://github.com/ibexa/fieldtype-richtext/commit/59e9c1a9da60597f60cf7338bf289dccaa7e27ca"
        },
        {
          "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43369",
          "reference_id": "CVE-2024-43369",
          "reference_type": "",
          "scores": [
            {"value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},
            {"value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": ""}
          ],
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43369"
        },
        {
          "reference_url": "https://github.com/advisories/GHSA-hvcf-6324-cjh7",
          "reference_id": "GHSA-hvcf-6324-cjh7",
          "reference_type": "",
          "scores": [
            {"value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": ""}
          ],
          "url": "https://github.com/advisories/GHSA-hvcf-6324-cjh7"
        },
        {
          "reference_url": "https://github.com/ibexa/fieldtype-richtext/security/advisories/GHSA-hvcf-6324-cjh7",
          "reference_id": "GHSA-hvcf-6324-cjh7",
          "reference_type": "",
          "scores": [
            {"value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},
            {"value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": ""},
            {"value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": ""},
            {"value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-16T13:57:12Z/"}
          ],
          "url": "https://github.com/ibexa/fieldtype-richtext/security/advisories/GHSA-hvcf-6324-cjh7"
        },
        {
          "reference_url": "https://github.com/ezsystems/ezplatform-richtext/security/advisories/GHSA-rhm7-7469-rcpw",
          "reference_id": "GHSA-rhm7-7469-rcpw",
          "reference_type": "",
          "scores": [
            {"value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},
            {"value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": ""},
            {"value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-16T13:57:12Z/"}
          ],
          "url": "https://github.com/ezsystems/ezplatform-richtext/security/advisories/GHSA-rhm7-7469-rcpw"
        },
        {
          "reference_url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2024-005-persistent-xss-in-richtext",
          "reference_id": "ibexa-sa-2024-005-persistent-xss-in-richtext",
          "reference_type": "",
          "scores": [
            {"value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},
            {"value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": ""},
            {"value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-16T13:57:12Z/"}
          ],
          "url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2024-005-persistent-xss-in-richtext"
        }
      ],
      "fixed_packages": [
        {
          "url": "http://public2.vulnerablecode.io/api/packages/33011?format=json",
          "purl": "pkg:composer/ibexa/fieldtype-richtext@4.6.10",
          "is_vulnerable": true,
          "affected_by_vulnerabilities": [
            {"vulnerability": "VCID-1k32-w6cf-vqbt"},
            {"vulnerability": "VCID-1p5b-jzea-7yc1"},
            {"vulnerability": "VCID-ay2b-qhps-wqh7"}
          ],
          "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ibexa/fieldtype-richtext@4.6.10"
        }
      ],
      "aliases": ["CVE-2024-43369", "GHSA-hvcf-6324-cjh7"],
      "risk_score": 4.0,
      "exploitability": "0.5",
      "weighted_severity": "8.0",
      "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b17j-485x-jfhs"
    }
  ],
  "fixing_vulnerabilities": [],
  "risk_score": "4.0",
  "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ibexa/fieldtype-richtext@4.6.0"
}