Who are you? The Importance of Verifying Message Origins
SonarCloud detected a Cross-Site Scripting (XSS) vulnerability via an event listener (CVE-2023-46252) and an authenticated Arbitrary File Write (CVE-2023-46253) in Squidex version 7.8.2 and below, which allowed attackers to gain remote code execution on a vulnerable Squidex instance by tricking a user into clicking on a malicious link. Both vulnerabilities were fixed in Squidex version 7.9.0. The missing origin check in the message event listener allowed an attacker to craft a malicious link that triggered the XSS, which could then be chained with the arbitrary file write vulnerability to achieve remote code execution.
Company: Sonar
Date published: Jan. 28, 2024
Author(s): Stefan Schiller
Word count: 1203
Hacker News points: None found.
Language: English