@ui5/webcomponents-base is vulnerable to Origin Validation Error
35
Low Risk
@ui5/webcomponents-base builds a theme CSS <link> from the configurable themeRoot value in validateThemeRoot. The origin check treats any value that starts with / as a same-origin relative path, so a protocol-relative URL such as //attacker.example/path is resolved against the page origin and skips the sap-allowed-theme-origins allowlist entirely. An application that derives themeRoot from attacker-influenced input then inserts a stylesheet link pointing at an external, attacker-controlled origin, loading untrusted CSS into the page. The fix excludes protocol-relative URLs from the relative-path branch and routes them through the origin allowlist validation.
You are affected if you are using a version that falls within the vulnerable range and your application sets the theme root from attacker-influenced input.
@ui5/webcomponents-base is vulnerable to Origin Validation Error in versions 1.12.0 - 2.21.1.
Upgrade the @ui5/webcomponents-base library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

I consent to receiving marketing communications based on Aikido’s Privacy Policy.
SOC 2Compliant
ISO 27001Compliant