Lucene search

GitHub_MCVELIST:CVE-2024-28855

HistoryMar 18, 2024 - 9:46 p.m.

CVE-2024-28855 ZITADEL vulnerable to improper HTML sanitization

2024-03-1821:46:47

CWE-20

GitHub_M

www.cve.org

zitadel

html sanitization

go templates

security patch

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

0.0004 Low

EPSS

Percentile

13.0%

JSON

ZITADEL, open source authentication management software, uses Go templates to render the login UI. Due to a improper use of the text/template instead of the html/template package, the Login UI did not sanitize input parameters prior to versions 2.47.3, 2.46.1, 2.45.1, 2.44.3, 2.43.9, 2.42.15, and 2.41.15. An attacker could create a malicious link, where he injected code which would be rendered as part of the login screen. While it was possible to inject HTML including JavaScript, the execution of such scripts would be prevented by the Content Security Policy. Versions 2.47.3, 2.46.1, 2.45.1, 2.44.3, 2.43.9, 2.42.15, and 2.41.15 contain a patch for this issue. No known workarounds are available.

CNA Affected

[
  {
    "vendor": "zitadel",
    "product": "zitadel",
    "versions": [
      {
        "version": "< 2.41.15",
        "status": "affected"
      },
      {
        "version": ">= 2.42.0, < 2.42.15",
        "status": "affected"
      },
      {
        "version": ">= 2.43.0, < 2.43.9",
        "status": "affected"
      },
      {
        "version": ">= 2.44.0, < 2.44.3",
        "status": "affected"
      },
      {
        "version": "= 2.45.0",
        "status": "affected"
      },
      {
        "version": "= 2.46.0",
        "status": "affected"
      },
      {
        "version": ">= 2.47.0, < 2.47.4",
        "status": "affected"
      }
    ]
  }
]

References

github.com/zitadel/zitadel/releases/tag/v2.41.15

github.com/zitadel/zitadel/releases/tag/v2.42.15

github.com/zitadel/zitadel/releases/tag/v2.43.9

github.com/zitadel/zitadel/releases/tag/v2.44.3

github.com/zitadel/zitadel/releases/tag/v2.45.1

github.com/zitadel/zitadel/releases/tag/v2.46.1

github.com/zitadel/zitadel/releases/tag/v2.47.3

github.com/zitadel/zitadel/security/advisories/GHSA-hfrg-4jwr-jfpj

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

0.0004 Low

EPSS

Percentile

13.0%

JSON

Related for CVELIST:CVE-2024-28855