CVE-2024-10001

A Code Injection vulnerability was identified in GitHub Enterprise Server that allowed attackers to inject malicious code into the query selector via the identity property in the message handling function. This enabled the exfiltration of sensitive data by manipulating the DOM, including authentication tokens. To execute the attack, the victim must be logged into GitHub and interact with the attacker controlled malicious webpage containing the hidden iframe. This vulnerability occurs due to an improper sequence of validation, where the origin check occurs after accepting the user-controlled identity property. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.11.16, 3.12.10, 3.13.5, 3.14.2, and 3.15.0. This vulnerability was reported via the GitHub Bug Bounty program.

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.17	Release Notes
https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.11	Release Notes
https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.6	Release Notes
https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.3	Release Notes
https://docs.github.com/en/enterprise-server@3.15/admin/release-notes#3.15.0	Release Notes

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:github:enterprise_server::::::::
	cpe:2.3:a:github:enterprise_server::::::::
	cpe:2.3:a:github:enterprise_server::::::::
	cpe:2.3:a:github:enterprise_server::::::::

History

05 Sep 2025, 15:00

Type	Values Removed	Values Added
Summary		(es) Se identificó una vulnerabilidad de inyección de código en GitHub Enterprise Server que permitía a los atacantes inyectar código malicioso en el selector de consultas a través de la propiedad de identidad en la función de gestión de mensajes. Esto permitió la exfiltración de datos confidenciales mediante la manipulación de los tokens de autenticación DOM, incluida. Para ejecutar el ataque, la víctima debe iniciar sesión en GitHub e interactuar con la página web maliciosa controlada por el atacante que contiene el iframe oculto. Esta vulnerabilidad se produce debido a una secuencia incorrecta de validación, donde la verificación de origen se produce después de aceptar la propiedad de identidad controlada por el usuario. Esta vulnerabilidad afectó a todas las versiones de GitHub Enterprise Server anteriores a 3.11.16, 3.12.10, 3.13.5, 3.14.2 y 3.15.0. Esta vulnerabilidad se informó a través del programa GitHub Bug Bounty.
CPE		cpe:2.3:a:github:enterprise_server::::::::
First Time		Github Github enterprise Server
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.1
References	~~() https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.17 -~~	() https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.17 - Release Notes
References	~~() https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.11 -~~	() https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.11 - Release Notes
References	~~() https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.6 -~~	() https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.6 - Release Notes
References	~~() https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.3 -~~	() https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.3 - Release Notes
References	~~() https://docs.github.com/en/enterprise-server@3.15/admin/release-notes#3.15.0 -~~	() https://docs.github.com/en/enterprise-server@3.15/admin/release-notes#3.15.0 - Release Notes

29 Jan 2025, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-29 19:15

Updated : 2025-09-05 15:00

NVD link : CVE-2024-10001

Mitre link : CVE-2024-10001

CVE.ORG link : CVE-2024-10001

JSON object : View

Products Affected

github

enterprise_server

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

7.1 /10