cve-2023-47115
Vulnerability from cvelistv5
Published
2024-01-23 22:49
Modified
2024-08-02 21:01
Severity ?
EPSS score ?
Summary
Label Studio XSS Vulnerability on Avatar Upload
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| HumanSignal | label-studio |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:01:22.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x"
},
{
"name": "https://github.com/HumanSignal/label-studio/commit/a7a71e594f32ec4af8f3f800d5ccb8662e275da3",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HumanSignal/label-studio/commit/a7a71e594f32ec4af8f3f800d5ccb8662e275da3"
},
{
"name": "https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development"
},
{
"name": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49"
},
{
"name": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "label-studio",
"vendor": "HumanSignal",
"versions": [
{
"status": "affected",
"version": "\u003c 1.9.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.\n\nThe file `users/functions.py` lines 18-49 show that the only verification check is that the file is an image by extracting the dimensions from the file. Label Studio serves avatar images using Django\u0027s built-in `serve` view, which is not secure for production use according to Django\u0027s documentation. The issue with the Django `serve` view is that it determines the `Content-Type` of the response by the file extension in the URL path. Therefore, an attacker can upload an image that contains malicious HTML code and name the file with a `.html` extension to be rendered as a HTML page. The only file extension validation is performed on the client-side, which can be easily bypassed.\n\nVersion 1.9.2 fixes this issue. Other remediation strategies include validating the file extension on the server side, not in client-side code; removing the use of Django\u0027s `serve` view and implement a secure controller for viewing uploaded avatar images; saving file content in the database rather than on the filesystem to mitigate against other file related vulnerabilities; and avoiding trusting user controlled inputs."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-23T22:49:03.958Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x"
},
{
"name": "https://github.com/HumanSignal/label-studio/commit/a7a71e594f32ec4af8f3f800d5ccb8662e275da3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HumanSignal/label-studio/commit/a7a71e594f32ec4af8f3f800d5ccb8662e275da3"
},
{
"name": "https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development"
},
{
"name": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49"
},
{
"name": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26"
}
],
"source": {
"advisory": "GHSA-q68h-xwq5-mm7x",
"discovery": "UNKNOWN"
},
"title": "Label Studio XSS Vulnerability on Avatar Upload"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-47115",
"datePublished": "2024-01-23T22:49:03.958Z",
"dateReserved": "2023-10-30T19:57:51.674Z",
"dateUpdated": "2024-08-02T21:01:22.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-47115\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-01-23T23:15:08.100\",\"lastModified\":\"2024-02-01T15:48:10.727\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.\\n\\nThe file `users/functions.py` lines 18-49 show that the only verification check is that the file is an image by extracting the dimensions from the file. Label Studio serves avatar images using Django\u0027s built-in `serve` view, which is not secure for production use according to Django\u0027s documentation. The issue with the Django `serve` view is that it determines the `Content-Type` of the response by the file extension in the URL path. Therefore, an attacker can upload an image that contains malicious HTML code and name the file with a `.html` extension to be rendered as a HTML page. The only file extension validation is performed on the client-side, which can be easily bypassed.\\n\\nVersion 1.9.2 fixes this issue. Other remediation strategies include validating the file extension on the server side, not in client-side code; removing the use of Django\u0027s `serve` view and implement a secure controller for viewing uploaded avatar images; saving file content in the database rather than on the filesystem to mitigate against other file related vulnerabilities; and avoiding trusting user controlled inputs.\"},{\"lang\":\"es\",\"value\":\"Label Studio es una popular herramienta de etiquetado de datos de c\u00f3digo abierto. Las versiones anteriores a la 1.9.2 tienen una vulnerabilidad de cross-site scripting (XSS) que podr\u00eda explotarse cuando un usuario autenticado carga un archivo de imagen manipulado para su avatar que se representa como un archivo HTML en el sitio web. La ejecuci\u00f3n de JavaScript arbitrario podr\u00eda provocar que un atacante realice acciones maliciosas en los usuarios de Label Studio si visitan la imagen de avatar creada. Por ejemplo, un atacante puede crear un payload de JavaScript que agregue un nuevo usuario de Superadministrador de Django si un administrador de Django visita la imagen. Las l\u00edneas 18-49 del archivo `users/functions.py` muestran que la \u00fanica verificaci\u00f3n de verificaci\u00f3n es que el archivo es una imagen extrayendo las dimensiones del archivo. Label Studio sirve im\u00e1genes de avatar utilizando la vista \\\"servir\\\" incorporada de Django, que no es segura para uso en producci\u00f3n seg\u00fan la documentaci\u00f3n de Django. El problema con la vista `serve` de Django es que determina el `Tipo de contenido` de la respuesta por la extensi\u00f3n del archivo en la ruta URL. Por lo tanto, un atacante puede cargar una imagen que contenga c\u00f3digo HTML malicioso y nombrar el archivo con una extensi\u00f3n \\\".html\\\" para que se represente como una p\u00e1gina HTML. La \u00fanica validaci\u00f3n de la extensi\u00f3n de archivo se realiza en el lado del cliente, lo que se puede omitir f\u00e1cilmente. La versi\u00f3n 1.9.2 soluciona este problema. Otras estrategias de correcci\u00f3n incluyen validar la extensi\u00f3n del archivo en el lado del servidor, no en el c\u00f3digo del lado del cliente; eliminar el uso de la vista `serve` de Django e implementar un controlador seguro para ver las im\u00e1genes de avatar cargadas; guardar el contenido del archivo en la base de datos en lugar de en el sistema de archivos para mitigar otras vulnerabilidades relacionadas con los archivos; y evitar confiar en las entradas controladas por el usuario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.7}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:humansignal:label_studio:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.9.2\",\"matchCriteriaId\":\"326DCEFD-7346-4651-80AD-728FE9E4BD87\"}]}]}],\"references\":[{\"url\":\"https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/HumanSignal/label-studio/commit/a7a71e594f32ec4af8f3f800d5ccb8662e275da3\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
}
}
gsd-2023-47115
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.
The file `users/functions.py` lines 18-49 show that the only verification check is that the file is an image by extracting the dimensions from the file. Label Studio serves avatar images using Django's built-in `serve` view, which is not secure for production use according to Django's documentation. The issue with the Django `serve` view is that it determines the `Content-Type` of the response by the file extension in the URL path. Therefore, an attacker can upload an image that contains malicious HTML code and name the file with a `.html` extension to be rendered as a HTML page. The only file extension validation is performed on the client-side, which can be easily bypassed.
Version 1.9.2 fixes this issue. Other remediation strategies include validating the file extension on the server side, not in client-side code; removing the use of Django's `serve` view and implement a secure controller for viewing uploaded avatar images; saving file content in the database rather than on the filesystem to mitigate against other file related vulnerabilities; and avoiding trusting user controlled inputs.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-47115",
"id": "GSD-2023-47115"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-47115"
],
"details": "Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.\n\nThe file `users/functions.py` lines 18-49 show that the only verification check is that the file is an image by extracting the dimensions from the file. Label Studio serves avatar images using Django\u0027s built-in `serve` view, which is not secure for production use according to Django\u0027s documentation. The issue with the Django `serve` view is that it determines the `Content-Type` of the response by the file extension in the URL path. Therefore, an attacker can upload an image that contains malicious HTML code and name the file with a `.html` extension to be rendered as a HTML page. The only file extension validation is performed on the client-side, which can be easily bypassed.\n\nVersion 1.9.2 fixes this issue. Other remediation strategies include validating the file extension on the server side, not in client-side code; removing the use of Django\u0027s `serve` view and implement a secure controller for viewing uploaded avatar images; saving file content in the database rather than on the filesystem to mitigate against other file related vulnerabilities; and avoiding trusting user controlled inputs.",
"id": "GSD-2023-47115",
"modified": "2023-12-13T01:20:51.343503Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2023-47115",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "label-studio",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "\u003c 1.9.2"
}
]
}
}
]
},
"vendor_name": "HumanSignal"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.\n\nThe file `users/functions.py` lines 18-49 show that the only verification check is that the file is an image by extracting the dimensions from the file. Label Studio serves avatar images using Django\u0027s built-in `serve` view, which is not secure for production use according to Django\u0027s documentation. The issue with the Django `serve` view is that it determines the `Content-Type` of the response by the file extension in the URL path. Therefore, an attacker can upload an image that contains malicious HTML code and name the file with a `.html` extension to be rendered as a HTML page. The only file extension validation is performed on the client-side, which can be easily bypassed.\n\nVersion 1.9.2 fixes this issue. Other remediation strategies include validating the file extension on the server side, not in client-side code; removing the use of Django\u0027s `serve` view and implement a secure controller for viewing uploaded avatar images; saving file content in the database rather than on the filesystem to mitigate against other file related vulnerabilities; and avoiding trusting user controlled inputs."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-79",
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x",
"refsource": "MISC",
"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x"
},
{
"name": "https://github.com/HumanSignal/label-studio/commit/a7a71e594f32ec4af8f3f800d5ccb8662e275da3",
"refsource": "MISC",
"url": "https://github.com/HumanSignal/label-studio/commit/a7a71e594f32ec4af8f3f800d5ccb8662e275da3"
},
{
"name": "https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development",
"refsource": "MISC",
"url": "https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development"
},
{
"name": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49",
"refsource": "MISC",
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49"
},
{
"name": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26",
"refsource": "MISC",
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26"
}
]
},
"source": {
"advisory": "GHSA-q68h-xwq5-mm7x",
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:humansignal:label_studio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "326DCEFD-7346-4651-80AD-728FE9E4BD87",
"versionEndExcluding": "1.9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.\n\nThe file `users/functions.py` lines 18-49 show that the only verification check is that the file is an image by extracting the dimensions from the file. Label Studio serves avatar images using Django\u0027s built-in `serve` view, which is not secure for production use according to Django\u0027s documentation. The issue with the Django `serve` view is that it determines the `Content-Type` of the response by the file extension in the URL path. Therefore, an attacker can upload an image that contains malicious HTML code and name the file with a `.html` extension to be rendered as a HTML page. The only file extension validation is performed on the client-side, which can be easily bypassed.\n\nVersion 1.9.2 fixes this issue. Other remediation strategies include validating the file extension on the server side, not in client-side code; removing the use of Django\u0027s `serve` view and implement a secure controller for viewing uploaded avatar images; saving file content in the database rather than on the filesystem to mitigate against other file related vulnerabilities; and avoiding trusting user controlled inputs."
},
{
"lang": "es",
"value": "Label Studio es una popular herramienta de etiquetado de datos de c\u00f3digo abierto. Las versiones anteriores a la 1.9.2 tienen una vulnerabilidad de cross-site scripting (XSS) que podr\u00eda explotarse cuando un usuario autenticado carga un archivo de imagen manipulado para su avatar que se representa como un archivo HTML en el sitio web. La ejecuci\u00f3n de JavaScript arbitrario podr\u00eda provocar que un atacante realice acciones maliciosas en los usuarios de Label Studio si visitan la imagen de avatar creada. Por ejemplo, un atacante puede crear un payload de JavaScript que agregue un nuevo usuario de Superadministrador de Django si un administrador de Django visita la imagen. Las l\u00edneas 18-49 del archivo `users/functions.py` muestran que la \u00fanica verificaci\u00f3n de verificaci\u00f3n es que el archivo es una imagen extrayendo las dimensiones del archivo. Label Studio sirve im\u00e1genes de avatar utilizando la vista \"servir\" incorporada de Django, que no es segura para uso en producci\u00f3n seg\u00fan la documentaci\u00f3n de Django. El problema con la vista `serve` de Django es que determina el `Tipo de contenido` de la respuesta por la extensi\u00f3n del archivo en la ruta URL. Por lo tanto, un atacante puede cargar una imagen que contenga c\u00f3digo HTML malicioso y nombrar el archivo con una extensi\u00f3n \".html\" para que se represente como una p\u00e1gina HTML. La \u00fanica validaci\u00f3n de la extensi\u00f3n de archivo se realiza en el lado del cliente, lo que se puede omitir f\u00e1cilmente. La versi\u00f3n 1.9.2 soluciona este problema. Otras estrategias de correcci\u00f3n incluyen validar la extensi\u00f3n del archivo en el lado del servidor, no en el c\u00f3digo del lado del cliente; eliminar el uso de la vista `serve` de Django e implementar un controlador seguro para ver las im\u00e1genes de avatar cargadas; guardar el contenido del archivo en la base de datos en lugar de en el sistema de archivos para mitigar otras vulnerabilidades relacionadas con los archivos; y evitar confiar en las entradas controladas por el usuario."
}
],
"id": "CVE-2023-47115",
"lastModified": "2024-02-01T15:48:10.727",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2024-01-23T23:15:08.100",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Not Applicable"
],
"url": "https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product"
],
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product"
],
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/HumanSignal/label-studio/commit/a7a71e594f32ec4af8f3f800d5ccb8662e275da3"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
}
}
}
ghsa-q68h-xwq5-mm7x
Vulnerability from github
Published
2024-01-24 14:21
Modified
2024-11-22 17:55
Severity ?
Summary
Cross-site Scripting Vulnerability on Avatar Upload
Details
Introduction
This write-up describes a vulnerability found in Label Studio, a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.9.2 and was tested on version 1.8.2.
Overview
Label Studio has a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website.
Description
The following code snippet in Label Studio shows that the only verification check is that the file is an image by extracting the dimensions from the file.
```python
def hash_upload(instance, filename): filename = str(uuid.uuid4())[0:8] + '-' + filename return settings.AVATAR_PATH + '/' + filename <3>
def check_avatar(files): images = list(files.items()) if not images: return None
filename, avatar = list(files.items())[0] # get first file
w, h = get_image_dimensions(avatar) <1>
if not w or not h:
raise forms.ValidationError("Can't read image, try another one")
# validate dimensions
max_width = max_height = 1200
if w > max_width or h > max_height:
raise forms.ValidationError('Please use an image that is %s x %s pixels or smaller.'
% (max_width, max_height))
# validate content type
main, sub = avatar.content_type.split('/') <2>
if not (main == 'image' and sub.lower() in ['jpeg', 'jpg', 'gif', 'png']):
raise forms.ValidationError(u'Please use a JPEG, GIF or PNG image.')
# validate file size
max_size = 1024 * 1024
if len(avatar) > max_size:
raise forms.ValidationError('Avatar file size may not exceed ' + str(max_size/1024) + ' kb')
return avatar
``
1. Attempts to get image dimensions to validate the uploaded avatar file is an image.
2. Extracts theContent-Typefrom the uploadPOSTrequest. A user can easily bypass this verification by changing the mimetype of the uploaded file to an allowed type (eg.image/jpeg`).
3. The file extension of the uploaded file is never validated and is saved to the filesystem.
Label Studio serves avatar images using Django's built-in serve view, which is not secure for production use according to Django's documentation.
python
re_path(r'^data/' + settings.AVATAR_PATH + '/(?P<path>.*)$', serve,
kwargs={'document_root': join(settings.MEDIA_ROOT, settings.AVATAR_PATH)}),
The issue with the Django serve view is that it determines the Content-Type of the response by the file extension in the URL path. Therefore, an attacker can upload an image that contains malicious HTML code and name the file with a .html extension to be rendered as a HTML page. The only file extension validation is performed on the client-side, which can be easily bypassed.
Proof of Concept
Below are the steps to reproduce this issue and execute JavaScript code in the context of the Label Studio website.
- Using any JPEG or PNG image, add in the comment field in the metadata the HTML code
<script>alert(document.domain)</script>. This can be done using theexiftoolcommand as shown below that was used to create the following image.
bash
exiftool -Comment='<script>alert(document.domain)</script>' penguin.jpg
-
On Label Studio, navigate to account & settings page and intercept the upload request of the avatar image using a tool such as Burp Suite. Modify the filename in the request to have a
.htmlextension. -
Right click the image on the avatar profile and copy the URL. Send this to a victim and it will display an alert box with the host name of the Label Studio instance as shown below.
Impact
Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.
Remediation Advice
- Validate the file extension on the server side, not in client-side code.
- Remove the use of Django's
serveview and implement a secure controller for viewing uploaded avatar images. - Consider saving file content in the database rather than on the filesystem to mitigate against other file related vulnerabilities.
- Avoid trusting user controlled inputs.
Discovered
- August 2023, Alex Brown, elttam
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "label-studio"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-47115"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2024-01-24T14:21:29Z",
"nvd_published_at": "2024-01-23T23:15:08Z",
"severity": "HIGH"
},
"details": "# Introduction\n\nThis write-up describes a vulnerability found in [Label Studio](https://github.com/HumanSignal/label-studio), a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to `1.9.2` and was tested on version `1.8.2`.\n\n# Overview\n\n[Label Studio](https://github.com/HumanSignal/label-studio) has a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website.\n\n# Description\n\nThe following [code snippet in Label Studio](https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49) shows that the only verification check is that the file is an image by extracting the dimensions from the file.\n\n```python\n\ndef hash_upload(instance, filename):\n filename = str(uuid.uuid4())[0:8] + \u0027-\u0027 + filename\n return settings.AVATAR_PATH + \u0027/\u0027 + filename \u003c3\u003e\n\n\ndef check_avatar(files):\n images = list(files.items())\n if not images:\n return None\n\n filename, avatar = list(files.items())[0] # get first file\n w, h = get_image_dimensions(avatar) \u003c1\u003e\n if not w or not h:\n raise forms.ValidationError(\"Can\u0027t read image, try another one\")\n\n # validate dimensions\n max_width = max_height = 1200\n if w \u003e max_width or h \u003e max_height:\n raise forms.ValidationError(\u0027Please use an image that is %s x %s pixels or smaller.\u0027\n % (max_width, max_height))\n\n # validate content type\n main, sub = avatar.content_type.split(\u0027/\u0027) \u003c2\u003e\n if not (main == \u0027image\u0027 and sub.lower() in [\u0027jpeg\u0027, \u0027jpg\u0027, \u0027gif\u0027, \u0027png\u0027]):\n raise forms.ValidationError(u\u0027Please use a JPEG, GIF or PNG image.\u0027)\n\n # validate file size\n max_size = 1024 * 1024\n if len(avatar) \u003e max_size:\n raise forms.ValidationError(\u0027Avatar file size may not exceed \u0027 + str(max_size/1024) + \u0027 kb\u0027)\n\n return avatar\n```\n1. Attempts to get image dimensions to validate the uploaded avatar file is an image.\n2. Extracts the `Content-Type` from the upload `POST` request. A user can easily bypass this verification by changing the mimetype of the uploaded file to an allowed type (eg. `image/jpeg`).\n3. The file extension of the uploaded file is never validated and is saved to the filesystem.\n\n[Label Studio serves avatar images using Django\u0027s built-in `serve` view](https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26), which is [not secure for production use according to Django\u0027s documentation](https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development).\n\n```python\n re_path(r\u0027^data/\u0027 + settings.AVATAR_PATH + \u0027/(?P\u003cpath\u003e.*)$\u0027, serve,\n kwargs={\u0027document_root\u0027: join(settings.MEDIA_ROOT, settings.AVATAR_PATH)}),\n```\n\nThe issue with the Django `serve` view is that it determines the `Content-Type` of the response by the file extension in the URL path. Therefore, an attacker can upload an image that contains malicious HTML code and name the file with a `.html` extension to be rendered as a HTML page. The only file extension validation is performed on the client-side, which can be easily bypassed.\n\n# Proof of Concept\n\nBelow are the steps to reproduce this issue and execute JavaScript code in the context of the Label Studio website.\n\n1. Using any JPEG or PNG image, add in the comment field in the metadata the HTML code `\u003cscript\u003ealert(document.domain)\u003c/script\u003e`. This can be done using the `exiftool` command as shown below that was used to create the following image.\n\n```bash\nexiftool -Comment=\u0027\u003cscript\u003ealert(document.domain)\u003c/script\u003e\u0027 penguin.jpg\n```\n\n\n\n2. On Label Studio, navigate to account \u0026 settings page and intercept the upload request of the avatar image using a tool such as Burp Suite. Modify the filename in the request to have a `.html` extension.\n\n3. Right click the image on the avatar profile and copy the URL. Send this to a victim and it will display an alert box with the host name of the Label Studio instance as shown below.\n\n\n\n# Impact\n\nExecuting arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.\n\n# Remediation Advice\n\n* Validate the file extension on the server side, not in client-side code.\n* Remove the use of Django\u0027s `serve` view and implement a secure controller for viewing uploaded avatar images.\n* Consider saving file content in the database rather than on the filesystem to mitigate against other file related vulnerabilities.\n* Avoid trusting user controlled inputs.\n\n# Discovered\n- August 2023, Alex Brown, elttam",
"id": "GHSA-q68h-xwq5-mm7x",
"modified": "2024-11-22T17:55:47Z",
"published": "2024-01-24T14:21:29Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47115"
},
{
"type": "WEB",
"url": "https://github.com/HumanSignal/label-studio/commit/a7a71e594f32ec4af8f3f800d5ccb8662e275da3"
},
{
"type": "WEB",
"url": "https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development"
},
{
"type": "PACKAGE",
"url": "https://github.com/HumanSignal/label-studio"
},
{
"type": "WEB",
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49"
},
{
"type": "WEB",
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/label-studio/PYSEC-2024-126.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "Cross-site Scripting Vulnerability on Avatar Upload"
}
pysec-2024-126
Vulnerability from pysec
Published
2024-01-23 23:15
Modified
2024-11-21 14:22
Severity ?
Details
Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.
The file users/functions.py lines 18-49 show that the only verification check is that the file is an image by extracting the dimensions from the file. Label Studio serves avatar images using Django's built-in serve view, which is not secure for production use according to Django's documentation. The issue with the Django serve view is that it determines the Content-Type of the response by the file extension in the URL path. Therefore, an attacker can upload an image that contains malicious HTML code and name the file with a .html extension to be rendered as a HTML page. The only file extension validation is performed on the client-side, which can be easily bypassed.
Version 1.9.2 fixes this issue. Other remediation strategies include validating the file extension on the server side, not in client-side code; removing the use of Django's serve view and implement a secure controller for viewing uploaded avatar images; saving file content in the database rather than on the filesystem to mitigate against other file related vulnerabilities; and avoiding trusting user controlled inputs.
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "label-studio",
"purl": "pkg:pypi/label-studio"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "a7a71e594f32ec4af8f3f800d5ccb8662e275da3"
}
],
"repo": "https://github.com/HumanSignal/label-studio",
"type": "GIT"
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.4.1",
"0.4.2",
"0.4.3",
"0.4.4",
"0.4.4.post1",
"0.4.4.post2",
"0.4.5",
"0.4.6",
"0.4.6.post1",
"0.4.6.post2",
"0.4.7",
"0.4.8",
"0.5.0",
"0.5.1",
"0.6.0",
"0.6.1",
"0.7.0",
"0.7.1",
"0.7.2",
"0.7.3",
"0.7.4",
"0.7.4.post0",
"0.7.4.post1",
"0.7.5.post1",
"0.7.5.post2",
"0.8.0",
"0.8.0.post0",
"0.8.1",
"0.8.1.post0",
"0.8.2",
"0.8.2.post0",
"0.9.0",
"0.9.0.post2",
"0.9.0.post3",
"0.9.0.post4",
"0.9.0.post5",
"0.9.1",
"0.9.1.post0",
"0.9.1.post1",
"0.9.1.post2",
"1.0.0",
"1.0.0.post0",
"1.0.0.post1",
"1.0.0.post2",
"1.0.0.post3",
"1.0.1",
"1.0.2",
"1.0.2.post0",
"1.1.0",
"1.1.0rc0",
"1.1.1",
"1.2",
"1.3",
"1.3.post0",
"1.3.post1",
"1.4",
"1.4.1",
"1.4.1.post0",
"1.4.1.post1",
"1.5.0",
"1.5.0.post0",
"1.6.0",
"1.7.0",
"1.7.1",
"1.7.2",
"1.7.3",
"1.8.0",
"1.8.1",
"1.8.2",
"1.8.2.post0",
"1.8.2.post1",
"1.9.0",
"1.9.1",
"1.9.1.post0"
]
}
],
"aliases": [
"CVE-2023-47115",
"GHSA-q68h-xwq5-mm7x"
],
"details": "Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.\n\nThe file `users/functions.py` lines 18-49 show that the only verification check is that the file is an image by extracting the dimensions from the file. Label Studio serves avatar images using Django\u0027s built-in `serve` view, which is not secure for production use according to Django\u0027s documentation. The issue with the Django `serve` view is that it determines the `Content-Type` of the response by the file extension in the URL path. Therefore, an attacker can upload an image that contains malicious HTML code and name the file with a `.html` extension to be rendered as a HTML page. The only file extension validation is performed on the client-side, which can be easily bypassed.\n\nVersion 1.9.2 fixes this issue. Other remediation strategies include validating the file extension on the server side, not in client-side code; removing the use of Django\u0027s `serve` view and implement a secure controller for viewing uploaded avatar images; saving file content in the database rather than on the filesystem to mitigate against other file related vulnerabilities; and avoiding trusting user controlled inputs.",
"id": "PYSEC-2024-126",
"modified": "2024-11-21T14:22:53.235341+00:00",
"published": "2024-01-23T23:15:00+00:00",
"references": [
{
"type": "EVIDENCE",
"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x"
},
{
"type": "ADVISORY",
"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-q68h-xwq5-mm7x"
},
{
"type": "FIX",
"url": "https://github.com/HumanSignal/label-studio/commit/a7a71e594f32ec4af8f3f800d5ccb8662e275da3"
},
{
"type": "WEB",
"url": "https://docs.djangoproject.com/en/4.2/ref/views/#serving-files-in-development"
},
{
"type": "WEB",
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/functions.py#L18-L49"
},
{
"type": "WEB",
"url": "https://github.com/HumanSignal/label-studio/blob/1.8.2/label_studio/users/urls.py#L25-L26"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.