Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-xw7c-jx9m-xh5g

Опубликовано: 07 июн. 2021
Источник: github
Github: Прошло ревью
CVSS4: 5.3
CVSS3: 7.2

Описание

Reflected cross-site scripting issue in Datasette

Impact

The ?_trace=1 debugging feature in Datasette does not correctly escape generated HTML, resulting in a reflected cross-site scripting vulnerability.

This vulnerability is particularly relevant if your Datasette installation includes authenticated features using plugins such as datasette-auth-passwords as an attacker could use the vulnerability to access protected data.

Patches

Datasette 0.57 and 0.56.1 both include patches for this issue.

Workarounds

If you run Datasette behind a proxy you can workaround this issue by rejecting any incoming requests with ?_trace= or &_trace= in their query string parameters.

References

For more information

If you have any questions or comments about this advisory:

  • Open a discussion in simonw/datasette
  • Email us at swillison+datasette @ gmail.com

Ссылки

Пакеты

Наименование

datasette

pip
Затронутые версииВерсия исправления

< 0.56.1

0.56.1

EPSS

Процентиль: 68%
0.00594
Низкий

5.3 Medium

CVSS4

7.2 High

CVSS3

CVE ID

CVE-2021-32670

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2021-32670

CVSS3: 7.2
nvd
около 4 лет назад

Datasette is an open source multi-tool for exploring and publishing data. The `?_trace=1` debugging feature in Datasette does not correctly escape generated HTML, resulting in a [reflected cross-site scripting](https://owasp.org/www-community/attacks/xss/#reflected-xss-attacks) vulnerability. This vulnerability is particularly relevant if your Datasette installation includes authenticated features using plugins such as [datasette-auth-passwords](https://datasette.io/plugins/datasette-auth-passwords) as an attacker could use the vulnerability to access protected data. Datasette 0.57 and 0.56.1 both include patches for this issue. If you run Datasette behind a proxy you can workaround this issue by rejecting any incoming requests with `?_trace=` or `&_trace=` in their query string parameters.

EPSS

Процентиль: 68%
0.00594
Низкий

5.3 Medium

CVSS4

7.2 High

CVSS3

CVE ID

CVE-2021-32670

Дефекты

CWE-79