Back

CVE-2024-37304

June 12, 2024, 3:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

NuGet Gallery

  • 2024.05.28

Source

security-advisories@github.com

Tags

security-advisories@github.com
CWE-79
2024-06-12
CVE-2024-37304

CVE-2024-37304 details

Published : June 12, 2024, 3:15 p.m.
Last Modified : June 12, 2024, 3:15 p.m.

Description

NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight allows attackers to exploit autolinks as a vector for Cross-Site Scripting (XSS) attacks. When a user inputs a Markdown autolink such as `<javascript:alert(1)>`, the link is rendered without proper sanitization. This means that the JavaScript code within the autolink can be executed by the browser, leading to an XSS attack. Version 2024.05.28 contains a patch for this issue.

CVSS Score

1 2 3 4 5 6.1 7 8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

Base Score

6.1

Exploitability Score

Impact Score

Base Severity

MEDIUM

Vector String : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References

URL Source
https://github.com/NuGet/NuGetGallery/commit/c52b023659f4ad7b626874c1063f2b5e878a4fe0 security-advisories@github.com
https://github.com/NuGet/NuGetGallery/pull/9836 security-advisories@github.com
https://github.com/NuGet/NuGetGallery/security/advisories/GHSA-gwjh-c548-f787 security-advisories@github.com
This website uses the NVD API, but is not approved or certified by it.