Tarteaucitron.js Cross-Site Scripting Vulnerability in Width and Height Methods
Vulnerability
A cross-site scripting (XSS) vulnerability has been identified in versions of Tarteaucitron.js prior to 1.17.0. The issue arises in the 'getElemWidth()' and 'getElemHeight()' methods, which do not properly sanitize the width and height values they read, allowing malicious scripts to be injected. The flaw was reported as part of a broader issue fixed in version 1.16.0, but the width and height methods were inadvertently left unpatched.
Impact
Exploitation of this vulnerability allows cross-site scripting attacks: an attacker can inject malicious scripts that execute in the victim's browser in the context of the affected site.
Reproduction
To reproduce this vulnerability, install Tarteaucitron.js version 1.16.1, then call 'getElemWidth()' or 'getElemHeight()' on a 'div' element whose 'width' or 'height' attribute carries an unsanitized value. When Tarteaucitron.js processes the element, the injected script executes.
Remediation
Users are advised to update to Tarteaucitron.js version 1.17.0 or later, where this vulnerability has been fixed.
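The following is an added example, not code from Tarteaucitron.js (whose actual implementation this advisory does not show) and not the project's fix. It assumes the risky pattern is the one the advisory describes: an element's width or height value is read and concatenated into generated markup. The names sanitizeDimension, renderUnsafe, renderSafe and countTags are hypothetical. It contrasts an unsafe renderer with one that allow-lists the value's shape before it reaches the markup, and includes a cheap check a reviewer can use to spot a fragment that grew extra tags.

```javascript
// Added example (not Tarteaucitron.js code): a strict allow-list validator for
// width/height values before they are interpolated into generated markup.
// Assumption: the vulnerable pattern is "read attribute, concatenate into HTML".
// The fix is to validate the value's shape, not to escape after the fact.

// Accept only a plain integer with an optional common CSS unit.
const DIMENSION_RE = /^(\d{1,5})(px|%|em|rem|vw|vh)?$/;

// Returns a canonical CSS length, or the fallback when the value is anything
// other than a number with an optional unit. Quotes, angle brackets, spaces,
// calc() and url() never pass, so they can never reach the markup.
function sanitizeDimension(value, fallback = 'auto') {
  if (typeof value !== 'string') return fallback;
  const m = DIMENSION_RE.exec(value.trim());
  if (!m) return fallback;
  return m[1] + (m[2] || 'px');
}

// Unsafe pattern, kept for contrast: the attribute value is dropped straight
// into the HTML string, so a quote in the value terminates the style attribute
// and whatever follows becomes markup.
function renderUnsafe(attrs) {
  return '<div style="width:' + attrs.width + ';height:' + attrs.height + '"></div>';
}

// Hardened version: only validated values are interpolated.
function renderSafe(attrs) {
  const w = sanitizeDimension(attrs.width);
  const h = sanitizeDimension(attrs.height);
  return '<div style="width:' + w + ';height:' + h + '"></div>';
}

// Review/detection helper: count opening tags in a generated fragment. A sized
// div should produce exactly one; more means a value broke out of its attribute.
function countTags(html) {
  return (html.match(/<[a-zA-Z]/g) || []).length;
}

// Constructed sample input (not from the advisory): a value that is not a CSS
// length and contains a quote, followed by a harmless <b> tag to make the
// breakout visible without any script.
const sample = { width: '100px"><b>', height: '1' };
console.log('unsafe:', renderUnsafe(sample), 'tags =', countTags(renderUnsafe(sample)));
console.log('safe:  ', renderSafe(sample), 'tags =', countTags(renderSafe(sample)));
```

The design choice is an allow-list on shape rather than output escaping: a width or height has a tiny legitimate grammar, so rejecting everything outside it is simpler to reason about than escaping for the HTML-attribute context and is robust even if the value is later reused in a CSS context.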
