CVE-2023-49657

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-49657
A stored cross-site scripting (XSS) vulnerability exists in Apache Superset before 3.0.3. An authenticated attacker with create/update permissions on charts or dashboards could store a script or add a specific HTML snippet that would act as a stored XSS. For 2.X versions, users should change their config to include: TALISMAN_CONFIG = {     "content_security_policy": {         "base-uri": ["'self'"],         "default-src": ["'self'"],         "img-src": ["'self'", "blob:", "data:"],         "worker-src": ["'self'", "blob:"],         "connect-src": [             "'self'",             " https://api.mapbox.com" https://api.mapbox.com" ;,             " https://events.mapbox.com" https://events.mapbox.com" ;,         ],         "object-src": "'none'",         "style-src": [             "'self'",             "'unsafe-inline'",         ],         "script-src": ["'self'", "'strict-dynamic'"],     },     "content_security_policy_nonce_in": ["script-src"],     "force_https": False,     "session_cookie_secure": False, }

5.4 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://lists.apache.org/thread/wjyvz8om9nwd396lh0bt156mtwjxpsvx Mailing List Mitigation Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*
History

29 Jan 2024, 16:05

Type Values Removed Values Added
First Time Apache
Apache superset
References () https://lists.apache.org/thread/wjyvz8om9nwd396lh0bt156mtwjxpsvx - () https://lists.apache.org/thread/wjyvz8om9nwd396lh0bt156mtwjxpsvx - Mailing List, Mitigation, Vendor Advisory
CPE cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 9.6 		v2 : unknown
v3 : 5.4

29 Jan 2024, 09:15

Type Values Removed Values Added
References
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/01/23/5', 'source': 'security@apache.org'}
Summary
  • (es) Existe una vulnerabilidad de cross-site scripting (XSS) almacenado en Apache Superset anterior a 3.0.3. Un atacante autenticado con permisos de creación/actualización en gráficos o paneles podría almacenar un script o agregar un fragmento HTML específico que actuaría como un XSS almacenado. Para las versiones 2.X, los usuarios deben cambiar su configuración para incluir: TALISMAN_CONFIG = { "content_security_policy": { "base-uri": ["'self'"], "default-src": ["'self'"], "img-src": ["'self'", "blob:", "data:"], "worker-src": ["'self'", "blob:"], "connect-src": [ "'self'", " https://api.mapbox.com" https://api.mapbox.com" ;, " https://events.mapbox.com" https://events.mapbox.com" ;, ], "object-src": "'none'", "style-src": [ "'self'", "'unsafe-inline'", ], "script-src": ["'self' ", "'strict-dynamic'"], }, "content_security_policy_nonce_in": ["script-src"], "force_https": False, "session_cookie_secure": False, }

23 Jan 2024, 21:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/01/23/5 -

23 Jan 2024, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-01-23 15:15

Updated : 2024-01-29 16:05

NVD link : CVE-2023-49657

Mitre link : CVE-2023-49657

CVE.ORG link : CVE-2023-49657

JSON object : View

Products Affected

apache

  • superset
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')