CVE-2023-6568

Cross-site Scripting (XSS) - Reflected in GitHub repository mlflow/mlflow prior to 2.9.0.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1	Patch
https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709	Exploit Third Party Advisory
https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1	Patch
https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:44

Type	Values Removed	Values Added
References	~~() https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1 - Patch~~	() https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1 - Patch
References	~~() https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709 - Exploit, Third Party Advisory~~	() https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709 - Exploit, Third Party Advisory

09 Dec 2023, 04:51

Type	Values Removed	Values Added
First Time		Lfprojects mlflow Lfprojects
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.1
CWE		CWE-79
CPE		cpe:2.3:a:lfprojects:mlflow::::::::
References	~~() https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1 -~~	() https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1 - Patch
References	~~() https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709 -~~	() https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709 - Exploit, Third Party Advisory

07 Dec 2023, 05:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-12-07 05:15

Updated : 2024-11-21 08:44

NVD link : CVE-2023-6568

Mitre link : CVE-2023-6568

CVE.ORG link : CVE-2023-6568

JSON object : View

Products Affected

lfprojects

mlflow

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2023-6568", "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2023-12-07T05:15:09.347", "references": [{"url": "https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1", "tags": ["Patch"], "source": "security@huntr.dev"}, {"url": "https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709", "tags": ["Exploit", "Third Party Advisory"], "source": "security@huntr.dev"}, {"url": "https://github.com/mlflow/mlflow/commit/28ff3f94994941e038f2172c6484b65dc4db6ca1", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "A reflected Cross-Site Scripting (XSS) vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the Content-Type header in POST requests. An attacker can inject malicious JavaScript code into the Content-Type header, which is then improperly reflected back to the user without adequate sanitization or escaping, leading to arbitrary JavaScript execution in the context of the victim's browser. The vulnerability is present in the mlflow/server/auth/__init__.py file, where the user-supplied Content-Type header is directly injected into a Python formatted string and returned to the user, facilitating the XSS attack."}, {"lang": "es", "value": "Cross-Site-Scripting (XSS) Reflejadas en el repositorio de GitHub mlflow/mlflow antes de 2.9.0."}], "lastModified": "2024-11-21T08:44:07.173", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7B09299-B859-4252-B907-2924010BD019", "versionEndIncluding": "2.9.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@huntr.dev"}