CVE-2024-37304

June 12, 2024, 3:15 p.m.

6.1
Medium

Description

NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight allows attackers to exploit autolinks as a vector for Cross-Site Scripting (XSS) attacks. When a user inputs a Markdown autolink such as `<javascript:alert(1)>`, the link is rendered without proper sanitization. This means that the JavaScript code within the autolink can be executed by the browser, leading to an XSS attack. Version 2024.05.28 contains a patch for this issue.

Product(s) Impacted

Product Versions
NuGet Gallery
  • ['2024.05.28']

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://github.com/NuGet/NuGetGallery/commit/c52b023659f4ad7b626874c1063f2b5e878a4fe0
https://github.com/NuGet/NuGetGallery/pull/9836
https://github.com/NuGet/NuGetGallery/security/advisories/GHSA-gwjh-c548-f787

Tags

security-advisories@github.com
CWE-79
2024-06-12
CVE-2024-37304

CVSS Score

6.1 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: CHANGED
  • Confidentiality Impact: LOW
  • Integrity Impact: LOW
  • Availability Impact: NONE

    • CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

    View Vector String

Timeline

Published: June 12, 2024, 3:15 p.m.
Last Modified: June 12, 2024, 3:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security-advisories@github.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.