CVE-2024-50344

I, Librarian is an open-source version of a PDF managing SaaS. Supplemental Files are allowed to be viewed in the browser, only if they have a white-listed MIME type. Unfortunately, this logic is broken, thus allowing unsafe files containing Javascript to be executed with the application context. An attacker can exploit this vulnerability by uploading a supplementary file that contains a malicious code or script. This code will then be executed when the file is loaded in the browser. The vulnerability was fixed in version 5.11.2.

CVSS v3 4.6 MEDIUM

4.6^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.1 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/mkucej/i-librarian-free/commit/a67d7949ffb02fd912ebdcf552df006b44066d78
https://github.com/mkucej/i-librarian-free/security/advisories/GHSA-c2rm-w62w-5xmj

Configurations

No configuration.

History

No history.

Information

Published : 2024-10-30 16:15

Updated : 2024-11-01 12:57

NVD link : CVE-2024-50344

Mitre link : CVE-2024-50344

CVE.ORG link : CVE-2024-50344

JSON object : View

Products Affected

No product.

CWE

CWE-80

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

{"id": "CVE-2024-50344", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.6, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.1}]}, "published": "2024-10-30T16:15:04.763", "references": [{"url": "https://github.com/mkucej/i-librarian-free/commit/a67d7949ffb02fd912ebdcf552df006b44066d78", "source": "security-advisories@github.com"}, {"url": "https://github.com/mkucej/i-librarian-free/security/advisories/GHSA-c2rm-w62w-5xmj", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-80"}]}], "descriptions": [{"lang": "en", "value": "I, Librarian is an open-source version of a PDF managing SaaS. Supplemental Files are allowed to be viewed in the browser, only if they have a white-listed MIME type. Unfortunately, this logic is broken, thus allowing unsafe files containing Javascript to be executed with the application context. An attacker can exploit this vulnerability by uploading a supplementary file that contains a malicious code or script. This code will then be executed when the file is loaded in the browser. The vulnerability was fixed in version 5.11.2."}, {"lang": "es", "value": "I, Librarian es una versi\u00f3n de c\u00f3digo abierto de un SaaS de gesti\u00f3n de PDF. Los archivos complementarios solo se pueden ver en el navegador si tienen un tipo MIME incluido en la lista blanca. Lamentablemente, esta l\u00f3gica no funciona, lo que permite que se ejecuten archivos no seguros que contienen Javascript con el contexto de la aplicaci\u00f3n. Un atacante puede aprovechar esta vulnerabilidad cargando un archivo complementario que contenga un c\u00f3digo o script malicioso. Este c\u00f3digo se ejecutar\u00e1 cuando se cargue el archivo en el navegador. La vulnerabilidad se solucion\u00f3 en la versi\u00f3n 5.11.2."}], "lastModified": "2024-11-01T12:57:03.417", "sourceIdentifier": "security-advisories@github.com"}