CVE-2024-5478

Exploit

EPSS 0.39%
Veröffentlicht 06.06.2024 19:16:08
Zuletzt bearbeitet 21.11.2024 09:47:45
Quelle security@huntr.dev
CVE-Watchlists
Login
Unerledigt
Login

A Cross-site Scripting (XSS) vulnerability exists in the SAML metadata endpoint `/auth/saml/${org?.id}/metadata` of lunary-ai/lunary version 1.2.7. The vulnerability arises due to the application's failure to escape or validate the `orgId` parameter supplied by the user before incorporating it into the generated response. Specifically, the endpoint generates XML responses for SAML metadata, where the `orgId` parameter is directly embedded into the XML structure without proper sanitization or validation. This flaw allows an attacker to inject arbitrary JavaScript code into the generated SAML metadata page, leading to potential theft of user cookies or authentication tokens.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lunary ≫ Lunary Version1.2.7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.39%	0.591

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
security@huntr.dev	7.4	2.8	4	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

https://huntr.com/bounties/e899f496-d493-4c06-b596-cb0a88ad451b

Exploit

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2024-5478

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-5478

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-5478

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-5478