Lucene search

GitHub_MCVELIST:CVE-2024-29882

HistoryMar 28, 2024 - 1:33 p.m.

CVE-2024-29882 SRS DOM - XSS on JSONP callback

2024-03-2813:33:42

CWE-79

GitHub_M

www.cve.org

cve-2024-29882

srs

xss

jsonp

endpoint

security vulnerability

fix

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

0.0004 Low

EPSS

Percentile

9.0%

JSON

SRS is a simple, high-efficiency, real-time video server. SRS’s /api/v1/vhosts/vid-<id>?callback=<payload> endpoint didn’t filter the callback function name which led to injecting malicious javascript payloads and executing XSS ( Cross-Site Scripting). This vulnerability is fixed in 5.0.210 and 6.0.121.

CNA Affected

[
  {
    "vendor": "ossrs",
    "product": "srs",
    "versions": [
      {
        "version": "< 5.0.210",
        "status": "affected"
      },
      {
        "version": ">= 6.0.0, < 6.0.121",
        "status": "affected"
      }
    ]
  }
]

References

github.com/ossrs/srs/commit/244ce7bc013a0b805274a65132a2980680ba6b9d

github.com/ossrs/srs/security/advisories/GHSA-gv9r-qcjc-5hj7

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2024-29882