cvelistv5 - cve-2024-39308

CVE-2024-39308 (GCVE-0-2024-39308)

Vulnerability from cvelistv5 – Published: 2024-07-08 14:33 – Updated: 2024-08-02 04:19

Summary

RailsAdmin is a Rails engine that provides an interface for managing data. RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute. Upgrade to 3.1.3 or 2.2.2 (to be released).

Severity ?

6.8 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/railsadminteam/rails_admin/sec…	x_refsource_CONFIRM
	https://github.com/railsadminteam/rails_admin/iss…	x_refsource_MISC
	https://github.com/railsadminteam/rails_admin/com…	x_refsource_MISC
	https://github.com/railsadminteam/rails_admin/com…	x_refsource_MISC
	https://rubygems.org/gems/rails_admin/versions/2.3.0	x_refsource_MISC
	https://rubygems.org/gems/rails_admin/versions/3.1.3	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	railsadminteam	rails_admin	Affected: >= 3.0.0, < 3.1.3 Affected: < 2.3.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39308",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-16T15:31:21.992694Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-17T13:06:05.683Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:19:20.581Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc"
          },
          {
            "name": "https://github.com/railsadminteam/rails_admin/issues/3686",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/railsadminteam/rails_admin/issues/3686"
          },
          {
            "name": "https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef"
          },
          {
            "name": "https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673"
          },
          {
            "name": "https://rubygems.org/gems/rails_admin/versions/2.3.0",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://rubygems.org/gems/rails_admin/versions/2.3.0"
          },
          {
            "name": "https://rubygems.org/gems/rails_admin/versions/3.1.3",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://rubygems.org/gems/rails_admin/versions/3.1.3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "rails_admin",
          "vendor": "railsadminteam",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 3.0.0, \u003c 3.1.3"
            },
            {
              "status": "affected",
              "version": "\u003c 2.3.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "RailsAdmin is a Rails engine that provides an interface for managing data. RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute. Upgrade to 3.1.3 or 2.2.2 (to be released)."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-08T14:33:55.144Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc"
        },
        {
          "name": "https://github.com/railsadminteam/rails_admin/issues/3686",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/railsadminteam/rails_admin/issues/3686"
        },
        {
          "name": "https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef"
        },
        {
          "name": "https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673"
        },
        {
          "name": "https://rubygems.org/gems/rails_admin/versions/2.3.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://rubygems.org/gems/rails_admin/versions/2.3.0"
        },
        {
          "name": "https://rubygems.org/gems/rails_admin/versions/3.1.3",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://rubygems.org/gems/rails_admin/versions/3.1.3"
        }
      ],
      "source": {
        "advisory": "GHSA-8qgm-g2vv-vwvc",
        "discovery": "UNKNOWN"
      },
      "title": "RailsAdmin Cross-site Scripting vulnerability in the list view"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-39308",
    "datePublished": "2024-07-08T14:33:55.144Z",
    "dateReserved": "2024-06-21T18:15:22.259Z",
    "dateUpdated": "2024-08-02T04:19:20.581Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rails_admin_project:rails_admin:*:*:*:*:*:ruby:*:*\", \"versionEndExcluding\": \"2.3.0\", \"matchCriteriaId\": \"5835771A-4E7F-409A-939E-8442D2E9A5CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rails_admin_project:rails_admin:*:*:*:*:*:ruby:*:*\", \"versionStartIncluding\": \"3.0.0\", \"versionEndExcluding\": \"3.1.3\", \"matchCriteriaId\": \"516887D9-E69F-452C-B73F-7812CC6B4731\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"RailsAdmin is a Rails engine that provides an interface for managing data. RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute. Upgrade to 3.1.3 or 2.2.2 (to be released).\"}, {\"lang\": \"es\", \"value\": \"RailsAdmin es un motor Rails que proporciona una interfaz para gestionar datos. La vista de lista RailsAdmin tiene la vulnerabilidad XSS, causada por un atributo de t\\u00edtulo HTML con escape incorrecto. Actualice a 3.1.3 o 2.2.2 (por publicarse).\"}]",
      "id": "CVE-2024-39308",
      "lastModified": "2024-11-21T09:27:25.837",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 2.7}], \"cvssMetricV30\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N\", \"baseScore\": 6.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 4.0}]}",
      "published": "2024-07-08T15:15:22.080",
      "references": "[{\"url\": \"https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/railsadminteam/rails_admin/issues/3686\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://rubygems.org/gems/rails_admin/versions/2.3.0\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://rubygems.org/gems/rails_admin/versions/3.1.3\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/railsadminteam/rails_admin/issues/3686\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://rubygems.org/gems/rails_admin/versions/2.3.0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://rubygems.org/gems/rails_admin/versions/3.1.3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-39308\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-07-08T15:15:22.080\",\"lastModified\":\"2024-11-21T09:27:25.837\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"RailsAdmin is a Rails engine that provides an interface for managing data. RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute. Upgrade to 3.1.3 or 2.2.2 (to be released).\"},{\"lang\":\"es\",\"value\":\"RailsAdmin es un motor Rails que proporciona una interfaz para gestionar datos. La vista de lista RailsAdmin tiene la vulnerabilidad XSS, causada por un atributo de t\u00edtulo HTML con escape incorrecto. Actualice a 3.1.3 o 2.2.2 (por publicarse).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}],\"cvssMetricV30\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rails_admin_project:rails_admin:*:*:*:*:*:ruby:*:*\",\"versionEndExcluding\":\"2.3.0\",\"matchCriteriaId\":\"5835771A-4E7F-409A-939E-8442D2E9A5CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rails_admin_project:rails_admin:*:*:*:*:*:ruby:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.1.3\",\"matchCriteriaId\":\"516887D9-E69F-452C-B73F-7812CC6B4731\"}]}]}],\"references\":[{\"url\":\"https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/railsadminteam/rails_admin/issues/3686\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://rubygems.org/gems/rails_admin/versions/2.3.0\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://rubygems.org/gems/rails_admin/versions/3.1.3\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/railsadminteam/rails_admin/issues/3686\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://rubygems.org/gems/rails_admin/versions/2.3.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://rubygems.org/gems/rails_admin/versions/3.1.3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-39308\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-16T15:31:21.992694Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-17T13:06:01.233Z\"}}], \"cna\": {\"title\": \"RailsAdmin Cross-site Scripting vulnerability in the list view\", \"source\": {\"advisory\": \"GHSA-8qgm-g2vv-vwvc\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"CHANGED\", \"version\": \"3.0\", \"baseScore\": 6.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"railsadminteam\", \"product\": \"rails_admin\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 3.0.0, \u003c 3.1.3\"}, {\"status\": \"affected\", \"version\": \"\u003c 2.3.0\"}]}], \"references\": [{\"url\": \"https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc\", \"name\": \"https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/railsadminteam/rails_admin/issues/3686\", \"name\": \"https://github.com/railsadminteam/rails_admin/issues/3686\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef\", \"name\": \"https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673\", \"name\": \"https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://rubygems.org/gems/rails_admin/versions/2.3.0\", \"name\": \"https://rubygems.org/gems/rails_admin/versions/2.3.0\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://rubygems.org/gems/rails_admin/versions/3.1.3\", \"name\": \"https://rubygems.org/gems/rails_admin/versions/3.1.3\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"RailsAdmin is a Rails engine that provides an interface for managing data. RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute. Upgrade to 3.1.3 or 2.2.2 (to be released).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-07-08T14:33:55.144Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-39308\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-07-17T13:06:05.683Z\", \"dateReserved\": \"2024-06-21T18:15:22.259Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-07-08T14:33:55.144Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-8QGM-G2VV-VWVC

Vulnerability from github – Published: 2024-07-08 14:14 – Updated: 2024-07-11 20:24

Summary

RailsAdmin Cross-site Scripting vulnerability in the list view

Details

Impact

RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute. The issue was originally reported in https://github.com/railsadminteam/rails_admin/issues/3686.

Patches

Upgrade to 3.1.4. The vulnerability itself was patched in 3.1.3 but it has a functionality issue. Initially the vulnerability was thought to exist in versions before 3.0, but it didn't. 2.x users can stay on 2.2.1.

Workarounds

Copy the index view (located under the path app/views/rails_admin/main/index.html.erb) from the RailsAdmin version you use, and place it into your application by using the same path.
Open the view file by an editor, and change the way to populate the td tag:

               <% properties.map{ |property| property.bind(:object, object) }.each do |property| %>
                 <% value = property.pretty_value %>
-                <td class="<%= [property.sticky? && 'sticky', property.css_class, property.type_css_class].select(&:present?).join(' ') %>" title="<%= value %>">
+                <%= content_tag(:td, class: [property.sticky? && 'sticky', property.css_class, property.type_css_class].select(&:present?), title: strip_tags(value.to_s)) do %>
                   <%= value %>
-                </td>
+                <% end %>
               <% end %>

Note: The view file created by this needs to be removed after upgrading RailsAdmin afterwards, unless this old view continue to be used. Only do this if you can't upgrade RailsAdmin now for a reason.

References

https://owasp.org/www-community/attacks/xss/ https://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html#method-i-strip_tags

Severity ?

6.8 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

6.1 (Medium)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "rails_admin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0.beta"
            },
            {
              "fixed": "3.1.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-39308"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-07-08T14:14:43Z",
    "nvd_published_at": "2024-07-08T15:15:22Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nRailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute.\nThe issue was originally reported in https://github.com/railsadminteam/rails_admin/issues/3686.\n\n### Patches\nUpgrade to [3.1.4](https://rubygems.org/gems/rails_admin/versions/3.1.4). The vulnerability itself was patched in 3.1.3 but it has a functionality issue.\nInitially the vulnerability was thought to exist in versions before 3.0, but it didn\u0027t. 2.x users can stay on 2.2.1.\n\n### Workarounds\n1. Copy the index view (located under the path `app/views/rails_admin/main/index.html.erb`) from the RailsAdmin version you use, and place it into your application by using the same path.\n2. Open the view file by an editor, and change the way to populate the td tag:\n\n```diff\n               \u003c% properties.map{ |property| property.bind(:object, object) }.each do |property| %\u003e\n                 \u003c% value = property.pretty_value %\u003e\n-                \u003ctd class=\"\u003c%= [property.sticky? \u0026\u0026 \u0027sticky\u0027, property.css_class, property.type_css_class].select(\u0026:present?).join(\u0027 \u0027) %\u003e\" title=\"\u003c%= value %\u003e\"\u003e\n+                \u003c%= content_tag(:td, class: [property.sticky? \u0026\u0026 \u0027sticky\u0027, property.css_class, property.type_css_class].select(\u0026:present?), title: strip_tags(value.to_s)) do %\u003e\n                   \u003c%= value %\u003e\n-                \u003c/td\u003e\n+                \u003c% end %\u003e\n               \u003c% end %\u003e\n```\n\n**Note:** The view file created by this needs to be removed after upgrading RailsAdmin afterwards, unless this old view continue to be used. Only do this if you can\u0027t upgrade RailsAdmin now for a reason.\n\n### References\nhttps://owasp.org/www-community/attacks/xss/\nhttps://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html#method-i-strip_tags",
  "id": "GHSA-8qgm-g2vv-vwvc",
  "modified": "2024-07-11T20:24:10Z",
  "published": "2024-07-08T14:14:43Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39308"
    },
    {
      "type": "WEB",
      "url": "https://github.com/railsadminteam/rails_admin/issues/3686"
    },
    {
      "type": "WEB",
      "url": "https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef"
    },
    {
      "type": "WEB",
      "url": "https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/railsadminteam/rails_admin"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rails_admin/CVE-2024-39308.yml"
    },
    {
      "type": "WEB",
      "url": "https://rubygems.org/gems/rails_admin/versions/2.3.0"
    },
    {
      "type": "WEB",
      "url": "https://rubygems.org/gems/rails_admin/versions/3.1.3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "RailsAdmin Cross-site Scripting vulnerability in the list view"
}

FKIE_CVE-2024-39308

Vulnerability from fkie_nvd - Published: 2024-07-08 15:15 - Updated: 2024-11-21 09:27

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef	Patch
security-advisories@github.com	https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673	Patch
security-advisories@github.com	https://github.com/railsadminteam/rails_admin/issues/3686	Issue Tracking
security-advisories@github.com	https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc	Vendor Advisory
security-advisories@github.com	https://rubygems.org/gems/rails_admin/versions/2.3.0	Patch
security-advisories@github.com	https://rubygems.org/gems/rails_admin/versions/3.1.3	Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef	Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673	Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/railsadminteam/rails_admin/issues/3686	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://rubygems.org/gems/rails_admin/versions/2.3.0	Patch
af854a3a-2127-422b-91ae-364da2661108	https://rubygems.org/gems/rails_admin/versions/3.1.3	Patch

Impacted products

	Vendor	Product	Version
	rails_admin_project	rails_admin	*
	rails_admin_project	rails_admin	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rails_admin_project:rails_admin:*:*:*:*:*:ruby:*:*",
              "matchCriteriaId": "5835771A-4E7F-409A-939E-8442D2E9A5CE",
              "versionEndExcluding": "2.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rails_admin_project:rails_admin:*:*:*:*:*:ruby:*:*",
              "matchCriteriaId": "516887D9-E69F-452C-B73F-7812CC6B4731",
              "versionEndExcluding": "3.1.3",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "RailsAdmin is a Rails engine that provides an interface for managing data. RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute. Upgrade to 3.1.3 or 2.2.2 (to be released)."
    },
    {
      "lang": "es",
      "value": "RailsAdmin es un motor Rails que proporciona una interfaz para gestionar datos. La vista de lista RailsAdmin tiene la vulnerabilidad XSS, causada por un atributo de t\u00edtulo HTML con escape incorrecto. Actualice a 3.1.3 o 2.2.2 (por publicarse)."
    }
  ],
  "id": "CVE-2024-39308",
  "lastModified": "2024-11-21T09:27:25.837",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 4.0,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-07-08T15:15:22.080",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/railsadminteam/rails_admin/issues/3686"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://rubygems.org/gems/rails_admin/versions/2.3.0"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://rubygems.org/gems/rails_admin/versions/3.1.3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/railsadminteam/rails_admin/issues/3686"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://rubygems.org/gems/rails_admin/versions/2.3.0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://rubygems.org/gems/rails_admin/versions/3.1.3"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-39308 (GCVE-0-2024-39308)

GHSA-8QGM-G2VV-VWVC

Impact

Patches

Workarounds

References

FKIE_CVE-2024-39308

Tags

Sightings

Nomenclature