231 matches found
GHSA-3PG4-QWC8-426R OpenRefine leaks Google API credentials in releases
Impact OpenRefine releases contain Google API authentication keys "client id" and "client secret" which can be extracted from released artifacts. For instance, download the package for OpenRefine 3.8.2 on linux. It contains the file...
OpenRefine leaks Google API credentials in releases
Impact OpenRefine releases contain Google API authentication keys "client id" and "client secret" which can be extracted from released artifacts. For instance, download the package for OpenRefine 3.8.2 on linux. It contains the file...
org.openrefine:benchmark (>=3.6-beta1 <=3.8.2), org.openrefine:database (>=3.6-beta1 <=3.8.2) +7 more potentially affected by unknown CVE via org.openrefine.dependencies:butterfly (>=1.2.3 <=1.2.5)
org.openrefine.dependencies:butterfly MAVEN version =1.2.3, =3.6-beta1, =3.6-beta1, =3.6-beta1, =3.6-beta1, =3.6-beta1, =3.6-beta1, =3.6-beta1, =3.7-beta1, =3.6-beta1, =3.6.2 Source cves: unknown CVE Source advisory: OSV:GHSA-MPCW-3J5P-P99X...
Butterfly's parseJSON, getJSON functions eval malicious input, leading to remote code execution (RCE)
Summary Usage of the Butterfly.prototype.parseJSON or getJSON functions on an attacker-controlled crafted input string allows the attacker to execute arbitrary JavaScript code on the server. Since Butterfly JavaScript code has access to Java classes, it can run arbitrary programs. Details The...
org.openrefine:benchmark (>=3.6-beta1 <=3.8.2), org.openrefine:database (>=3.6-beta1 <=3.8.2) +7 more potentially affected by CVE-2024-47883 via org.openrefine.dependencies:butterfly (>=1.2.3 <=1.2.5)
org.openrefine.dependencies:butterfly MAVEN version =1.2.3, =3.6-beta1, =3.6-beta1, =3.6-beta1, =3.6-beta1, =3.6-beta1, =3.6-beta1, =3.6-beta1, =3.7-beta1, =3.6-beta1, =3.6.2 Source cves: CVE-2024-47883 Source advisory: OSV:GHSA-3P8V-W8MR-M3X8...
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses
Summary The Butterfly framework uses the java.net.URL class to refer to what are expected to be local resource files, like images or templates. This works: "opening a connection" to these URLs opens the local file. However, if a file:/ URL is directly given where a relative path resource name is...
GHSA-J8HP-F2MJ-586G OpenRefine's error page lacks escaping, leading to potential Cross-site Scripting on import of malicious project
Summary The built-in "Something went wrong!" error page includes the exception message and exception traceback without escaping HTML tags, enabling injection into the page if an attacker can reliably produce an error with an attacker-influenced message. It appears that the only way to reach this...
OpenRefine's error page lacks escaping, leading to potential Cross-site Scripting on import of malicious project
Summary The built-in "Something went wrong!" error page includes the exception message and exception traceback without escaping HTML tags, enabling injection into the page if an attacker can reliably produce an error with an attacker-influenced message. It appears that the only way to reach this...
GHSA-87CF-J763-VVH8 OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)
Summary In the database extension, the "enableloadextension" property can be set for the SQLite integration, enabling an attacker to load local or remote extension DLLs and so run arbitrary code on the server. The attacker needs to have network access to the OpenRefine instance. Details The...
OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)
Summary In the database extension, the "enableloadextension" property can be set for the SQLite integration, enabling an attacker to load local or remote extension DLLs and so run arbitrary code on the server. The attacker needs to have network access to the OpenRefine instance. Details The...
GHSA-79JV-5226-783F OpenRefine has a reflected cross-site scripting vulnerability (XSS) from POST request in ExportRowsCommand
Summary The export-rows command can be used in such a way that it reflects part of the request verbatim, with a Content-Type header also taken from the request. An attacker could lead a user to a malicious page that submits a form POST that contains embedded JavaScript code. This code would then ...
OpenRefine has a reflected cross-site scripting vulnerability (XSS) from POST request in ExportRowsCommand
Summary The export-rows command can be used in such a way that it reflects part of the request verbatim, with a Content-Type header also taken from the request. An attacker could lead a user to a malicious page that submits a form POST that contains embedded JavaScript code. This code would then ...
GHSA-3JM4-C6QF-JRH3 OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)
Summary Lack of CSRF protection on the preview-expression command means that visiting a malicious website could cause an attacker-controlled expression to be executed. The expression can contain arbitrary Clojure or Python code. The attacker must know a valid project ID of a project that contains...
OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)
Summary Lack of CSRF protection on the preview-expression command means that visiting a malicious website could cause an attacker-controlled expression to be executed. The expression can contain arbitrary Clojure or Python code. The attacker must know a valid project ID of a project that contains...
GHSA-PW3X-C5VP-MFC3 OpenRefine has a reflected cross-site scripting vulnerability (XSS) in GData extension (authorized.vt)
Summary The /extension/gdata/authorized endpoint includes the state GET parameter verbatim in a tag in the output, so without escaping. An attacker could lead or redirect a user to a crafted URL containing JavaScript code, which would then cause that code to be executed in the victim's browser as...
OpenRefine has a reflected cross-site scripting vulnerability (XSS) in GData extension (authorized.vt)
Summary The /extension/gdata/authorized endpoint includes the state GET parameter verbatim in a tag in the output, so without escaping. An attacker could lead or redirect a user to a crafted URL containing JavaScript code, which would then cause that code to be executed in the victim's browser as...
OpenRefine 跨站脚本漏洞
OpenRefine is a Java-based open source tool from OpenRefine Open Source. The product is mainly used for loading data, analyzing data and cleaning data, etc. A cross-site scripting vulnerability exists in OpenRefine prior to version 3.8.3, which stems from a cross-site scripting attack that can be...
OpenRefine 代码注入漏洞
OpenRefine is a Java-based open source tool. The product is mainly used for loading data, analyzing data and cleaning data, among other things. A code injection vulnerability exists in OpenRefine prior to version 3.8.3 that stems from the lack of cross-site request forgery protection in the...
OpenRefine 安全漏洞
OpenRefine is a Java-based open source tool from OpenRefine Open Source. The product is mainly used for loading data, analyzing data and cleaning data, etc. A security vulnerability exists in OpenRefine prior to version 3.8.3, which stems from the built-in "Something went error!" error page that...
PT-2024-32868 · Unknown +3 · Openrefine +3
Name of the Vulnerable Software and Affected Versions: OpenRefine versions prior to 3.8.3 Description: The issue concerns the /extension/gdata/authorized endpoint, which includes the state GET parameter verbatim in a tag in the output without escaping. This allows an attacker to lead or redirect ...