CVE-2021-41132 - OpenCVE

OMERO.web provides a web based client and plugin infrastructure. In versions prior to 5.11.0, a variety of templates do not perform proper sanitization through HTML escaping. Due to the lack of sanitization and use of ``jQuery.html()``, there are a whole host of cross-site scripting possibilities with specially crafted input to a variety of fields. This issue is patched in version 5.11.0. There are no known workarounds aside from upgrading.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Openmicroscopy	Omero-figure Omero-web

Configuration 1 [-]

OR	cpe:2.3:a:openmicroscopy:omero-figure::::::::
	cpe:2.3:a:openmicroscopy:omero-web::::::::

No data.

References

Link	Providers
https://github.com/ome/omero-web/commit/0168067accde5e635341b3c714b1d53ae92ba424
https://github.com/ome/omero-web/security/advisories/GHSA-g67g-hvc3-xmvf
https://www.openmicroscopy.org/security/advisories/2021-SV3/

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-10-14T15:45:12

Updated: 2024-08-04T02:59:31.416Z

Reserved: 2021-09-15T00:00:00

Link: CVE-2021-41132

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-10-14T16:15:09.447

Modified: 2021-10-20T19:14:48.183

Link: CVE-2021-41132

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "omero-web", "vendor": "ome", "versions": [{"status": "affected", "version": "< 5.11.0"}]}], "descriptions": [{"lang": "en", "value": "OMERO.web provides a web based client and plugin infrastructure. In versions prior to 5.11.0, a variety of templates do not perform proper sanitization through HTML escaping. Due to the lack of sanitization and use of ``jQuery.html()``, there are a whole host of cross-site scripting possibilities with specially crafted input to a variety of fields. This issue is patched in version 5.11.0. There are no known workarounds aside from upgrading."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-116", "description": "CWE-116: Improper Encoding or Escaping of Output", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-10-14T15:45:12", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ome/omero-web/security/advisories/GHSA-g67g-hvc3-xmvf"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/ome/omero-web/commit/0168067accde5e635341b3c714b1d53ae92ba424"}, {"tags": ["x_refsource_MISC"], "url": "https://www.openmicroscopy.org/security/advisories/2021-SV3/"}], "source": {"advisory": "GHSA-g67g-hvc3-xmvf", "discovery": "UNKNOWN"}, "title": "Inconsistent input sanitisation leads to XSS vectors", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-41132", "STATE": "PUBLIC", "TITLE": "Inconsistent input sanitisation leads to XSS vectors"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "omero-web", "version": {"version_data": [{"version_value": "< 5.11.0"}]}}]}, "vendor_name": "ome"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "OMERO.web provides a web based client and plugin infrastructure. In versions prior to 5.11.0, a variety of templates do not perform proper sanitization through HTML escaping. Due to the lack of sanitization and use of ``jQuery.html()``, there are a whole host of cross-site scripting possibilities with specially crafted input to a variety of fields. This issue is patched in version 5.11.0. There are no known workarounds aside from upgrading."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-116: Improper Encoding or Escaping of Output"}]}]}, "references": {"reference_data": [{"name": "https://github.com/ome/omero-web/security/advisories/GHSA-g67g-hvc3-xmvf", "refsource": "CONFIRM", "url": "https://github.com/ome/omero-web/security/advisories/GHSA-g67g-hvc3-xmvf"}, {"name": "https://github.com/ome/omero-web/commit/0168067accde5e635341b3c714b1d53ae92ba424", "refsource": "MISC", "url": "https://github.com/ome/omero-web/commit/0168067accde5e635341b3c714b1d53ae92ba424"}, {"name": "https://www.openmicroscopy.org/security/advisories/2021-SV3/", "refsource": "MISC", "url": "https://www.openmicroscopy.org/security/advisories/2021-SV3/"}]}, "source": {"advisory": "GHSA-g67g-hvc3-xmvf", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T02:59:31.416Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/ome/omero-web/security/advisories/GHSA-g67g-hvc3-xmvf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/ome/omero-web/commit/0168067accde5e635341b3c714b1d53ae92ba424"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.openmicroscopy.org/security/advisories/2021-SV3/"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-41132", "datePublished": "2021-10-14T15:45:12", "dateReserved": "2021-09-15T00:00:00", "dateUpdated": "2024-08-04T02:59:31.416Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openmicroscopy:omero-figure:*:*:*:*:*:*:*:*", "matchCriteriaId": "A89CA68E-E768-4E87-A4BA-8DE6CE954535", "versionEndExcluding": "4.4.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:openmicroscopy:omero-web:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B82F896-F0E3-4349-A248-2801BDB43591", "versionEndExcluding": "5.11.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OMERO.web provides a web based client and plugin infrastructure. In versions prior to 5.11.0, a variety of templates do not perform proper sanitization through HTML escaping. Due to the lack of sanitization and use of ``jQuery.html()``, there are a whole host of cross-site scripting possibilities with specially crafted input to a variety of fields. This issue is patched in version 5.11.0. There are no known workarounds aside from upgrading."}, {"lang": "es", "value": "OMERO.web proporciona una infraestructura de clientes y plugins basada en la web. En las versiones anteriores a 5.11.0, varias plantillas no llevan a cabo un saneamiento apropiado mediante un escape de HTML. Debido a una falta de saneo y al uso de la funci\u00f3n \"jQuery.html()\", se presenta toda una serie de posibilidades de tipo cross-site scripting con entradas especialmente dise\u00f1adas para una variedad de campos. Este problema est\u00e1 parcheado en la versi\u00f3n 5.11.0. No se conocen soluciones aparte de la actualizaci\u00f3n"}], "id": "CVE-2021-41132", "lastModified": "2021-10-20T19:14:48.183", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-10-14T16:15:09.447", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/ome/omero-web/commit/0168067accde5e635341b3c714b1d53ae92ba424"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/ome/omero-web/security/advisories/GHSA-g67g-hvc3-xmvf"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://www.openmicroscopy.org/security/advisories/2021-SV3/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-116"}], "source": "security-advisories@github.com", "type": "Secondary"}]}