CVE-2024-28852 (GCVE-0-2024-28852)
Vulnerability from cvelistv5 – Published: 2024-03-27 13:18 – Updated: 2024-08-13 14:11
VLAI?
Title
Ampache has multiple reflective XSS vulnerabilities
Summary
Ampache is a web based audio/video streaming application and file manager. Ampache has multiple reflective XSS vulnerabilities,this means that all forms in the Ampache that use `rule` as a variable are not secure. For example, when querying a song, when querying a podcast, we need to use `$rule` variable. This vulnerability is fixed in 6.3.1
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:56:58.143Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639"
},
{
"name": "https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ampache",
"vendor": "ampache",
"versions": [
{
"lessThan": "6.3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28852",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-27T19:23:59.537407Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T14:11:34.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ampache",
"vendor": "ampache",
"versions": [
{
"status": "affected",
"version": "\u003c 6.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Ampache is a web based audio/video streaming application and file manager. Ampache has multiple reflective XSS vulnerabilities,this means that all forms in the Ampache that use `rule` as a variable are not secure. For example, when querying a song, when querying a podcast, we need to use `$rule` variable. This vulnerability is fixed in 6.3.1\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-27T13:18:10.464Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639"
},
{
"name": "https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740"
}
],
"source": {
"advisory": "GHSA-g7hx-hm68-f639",
"discovery": "UNKNOWN"
},
"title": "Ampache has multiple reflective XSS vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-28852",
"datePublished": "2024-03-27T13:18:10.464Z",
"dateReserved": "2024-03-11T22:45:07.685Z",
"dateUpdated": "2024-08-13T14:11:34.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"Ampache is a web based audio/video streaming application and file manager. Ampache has multiple reflective XSS vulnerabilities,this means that all forms in the Ampache that use `rule` as a variable are not secure. For example, when querying a song, when querying a podcast, we need to use `$rule` variable. This vulnerability is fixed in 6.3.1\\n\"}, {\"lang\": \"es\", \"value\": \"Ampache es una aplicaci\\u00f3n de transmisi\\u00f3n de audio/v\\u00eddeo y un administrador de archivos basado en web. Ampache tiene m\\u00faltiples vulnerabilidades XSS reflectantes, lo que significa que todos los formularios en Ampache que usan \\\"regla\\\" como variable no son seguros. Por ejemplo, al consultar una canci\\u00f3n, al consultar un podcast, necesitamos usar la variable `$rule`. Esta vulnerabilidad se solucion\\u00f3 en 6.3.1.\"}]",
"id": "CVE-2024-28852",
"lastModified": "2024-11-21T09:07:02.927",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}]}",
"published": "2024-03-27T14:15:10.340",
"references": "[{\"url\": \"https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Undergoing Analysis",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-28852\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-03-27T14:15:10.340\",\"lastModified\":\"2025-02-05T21:20:47.810\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Ampache is a web based audio/video streaming application and file manager. Ampache has multiple reflective XSS vulnerabilities,this means that all forms in the Ampache that use `rule` as a variable are not secure. For example, when querying a song, when querying a podcast, we need to use `$rule` variable. This vulnerability is fixed in 6.3.1\\n\"},{\"lang\":\"es\",\"value\":\"Ampache es una aplicaci\u00f3n de transmisi\u00f3n de audio/v\u00eddeo y un administrador de archivos basado en web. Ampache tiene m\u00faltiples vulnerabilidades XSS reflectantes, lo que significa que todos los formularios en Ampache que usan \\\"regla\\\" como variable no son seguros. Por ejemplo, al consultar una canci\u00f3n, al consultar un podcast, necesitamos usar la variable `$rule`. Esta vulnerabilidad se solucion\u00f3 en 6.3.1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.3.1\",\"matchCriteriaId\":\"A9E60433-868B-4354-93F8-C418983B189A\"}]}]}],\"references\":[{\"url\":\"https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639\", \"name\": \"https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740\", \"name\": \"https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:56:58.143Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-28852\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-27T19:23:59.537407Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*\"], \"vendor\": \"ampache\", \"product\": \"ampache\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"6.3.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-13T14:11:30.466Z\"}}], \"cna\": {\"title\": \"Ampache has multiple reflective XSS vulnerabilities\", \"source\": {\"advisory\": \"GHSA-g7hx-hm68-f639\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"ampache\", \"product\": \"ampache\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 6.3.1\"}]}], \"references\": [{\"url\": \"https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639\", \"name\": \"https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740\", \"name\": \"https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Ampache is a web based audio/video streaming application and file manager. Ampache has multiple reflective XSS vulnerabilities,this means that all forms in the Ampache that use `rule` as a variable are not secure. For example, when querying a song, when querying a podcast, we need to use `$rule` variable. This vulnerability is fixed in 6.3.1\\n\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-03-27T13:18:10.464Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-28852\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-13T14:11:34.057Z\", \"dateReserved\": \"2024-03-11T22:45:07.685Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-03-27T13:18:10.464Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…