CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
9.0%
There is currently no escaping or validation of the callback
parameter that can be passed to various OMERO.web endpoints that have JSONP enabled. One such endpoint is /webclient/imgData/...
. As we only really use these endpoints with jQuery’s own callback name generation ^1 it is quite difficult or even impossible to exploit this in vanilla OMERO.web. However, these metadata endpoints are likely to be used by many plugins.
OMERO.web before 5.25.0
Users should upgrade to 5.26.0 or higher
None
For more information
If you have any questions or comments about this advisory:
Open an issue in omero-web
Email us at [email protected]
Vendor | Product | Version | CPE |
---|---|---|---|
openmicroscopy | omero-web | * | cpe:2.3:a:openmicroscopy:omero-web:*:*:*:*:*:*:*:* |