CVE-2024-23633 - OpenCVE

Vendors	Products
Humansignal	Label Studio

Link	Providers
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox
https://github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/api.py#L595C1-L616C62
https://github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/uploader.py#L125C5-L146
https://github.com/HumanSignal/label-studio/security/advisories/GHSA-fq23-g58m-799r

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-23633", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-01-19T00:18:53.232Z", "datePublished": "2024-01-23T23:15:09.044Z", "dateUpdated": "2024-08-01T23:06:25.341Z"}, "containers": {"cna": {"title": " Label Studio XSS Vulnerability on Data Import", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-fq23-g58m-799r", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-fq23-g58m-799r"}, {"name": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox", "tags": ["x_refsource_MISC"], "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox"}, {"name": "https://github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/api.py#L595C1-L616C62", "tags": ["x_refsource_MISC"], "url": "https://github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/api.py#L595C1-L616C62"}, {"name": "https://github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/uploader.py#L125C5-L146", "tags": ["x_refsource_MISC"], "url": "https://github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/uploader.py#L125C5-L146"}], "affected": [{"vendor": "HumanSignal", "product": "label-studio", "versions": [{"version": "< 1.10.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-01-23T23:15:09.044Z"}, "descriptions": [{"lang": "en", "value": "Label Studio, an open source data labeling tool had a remote import feature allowed users to import data from a remote web source, that was downloaded and could be viewed on the website. Prior to version 1.10.1, this feature could had been abused to download a HTML file that executed malicious JavaScript code in the context of the Label Studio website. Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.\n\n`data_import/uploader.py` lines 125C5 through 146 showed that if a URL passed the server side request forgery verification checks, the contents of the file would be downloaded using the filename in the URL. The downloaded file path could then be retrieved by sending a request to `/api/projects/{project_id}/file-uploads?ids=[{download_id}]` where `{project_id}` was the ID of the project and `{download_id}` was the ID of the downloaded file. Once the downloaded file path was retrieved by the previous API endpoint, `data_import/api.py`lines 595C1 through 616C62 demonstrated that the `Content-Type` of the response was determined by the file extension, since `mimetypes.guess_type` guesses the `Content-Type` based on the file extension. Since the `Content-Type` was determined by the file extension of the downloaded file, an attacker could import in a `.html` file that would execute JavaScript when visited.\n\nVersion 1.10.1 contains a patch for this issue. Other remediation strategies are also available. For all user provided files that are downloaded by Label Studio, set the `Content-Security-Policy: sandbox;` response header when viewed on the site. The `sandbox` directive restricts a page's actions to prevent popups, execution of plugins and scripts and enforces a `same-origin` policy. Alternatively, restrict the allowed file extensions that may be downloaded."}], "source": {"advisory": "GHSA-fq23-g58m-799r", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:06:25.341Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-fq23-g58m-799r", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-fq23-g58m-799r"}, {"name": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox"}, {"name": "https://github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/api.py#L595C1-L616C62", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/api.py#L595C1-L616C62"}, {"name": "https://github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/uploader.py#L125C5-L146", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/uploader.py#L125C5-L146"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:humansignal:label_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "0851F09C-7B83-47B1-8217-1394F68D0B13", "versionEndExcluding": "1.10.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Label Studio, an open source data labeling tool had a remote import feature allowed users to import data from a remote web source, that was downloaded and could be viewed on the website. Prior to version 1.10.1, this feature could had been abused to download a HTML file that executed malicious JavaScript code in the context of the Label Studio website. Executing arbitrary JavaScript could result in an attacker performing malicious actions on Label Studio users if they visit the crafted avatar image. For an example, an attacker can craft a JavaScript payload that adds a new Django Super Administrator user if a Django administrator visits the image.\n\n`data_import/uploader.py` lines 125C5 through 146 showed that if a URL passed the server side request forgery verification checks, the contents of the file would be downloaded using the filename in the URL. The downloaded file path could then be retrieved by sending a request to `/api/projects/{project_id}/file-uploads?ids=[{download_id}]` where `{project_id}` was the ID of the project and `{download_id}` was the ID of the downloaded file. Once the downloaded file path was retrieved by the previous API endpoint, `data_import/api.py`lines 595C1 through 616C62 demonstrated that the `Content-Type` of the response was determined by the file extension, since `mimetypes.guess_type` guesses the `Content-Type` based on the file extension. Since the `Content-Type` was determined by the file extension of the downloaded file, an attacker could import in a `.html` file that would execute JavaScript when visited.\n\nVersion 1.10.1 contains a patch for this issue. Other remediation strategies are also available. For all user provided files that are downloaded by Label Studio, set the `Content-Security-Policy: sandbox;` response header when viewed on the site. The `sandbox` directive restricts a page's actions to prevent popups, execution of plugins and scripts and enforces a `same-origin` policy. Alternatively, restrict the allowed file extensions that may be downloaded."}, {"lang": "es", "value": "Label Studio, una herramienta de etiquetado de datos de c\u00f3digo abierto, ten\u00eda una funci\u00f3n de importaci\u00f3n remota que permit\u00eda a los usuarios importar datos desde una fuente web remota, que se descargaba y se pod\u00eda ver en el sitio web. Antes de la versi\u00f3n 1.10.1, se pod\u00eda abusar de esta caracter\u00edstica para descargar un archivo HTML que ejecutaba c\u00f3digo JavaScript malicioso en el contexto del sitio web de Label Studio. La ejecuci\u00f3n de JavaScript arbitrario podr\u00eda provocar que un atacante realice acciones maliciosas en los usuarios de Label Studio si visitan la imagen de avatar creada. Por ejemplo, un atacante puede crear un payload de JavaScript que agregue un nuevo usuario de Superadministrador de Django si un administrador de Django visita la imagen. Las l\u00edneas 125C5 a 146 de `data_import/uploader.py` mostraban que si una URL pasaba las verificaciones de verificaci\u00f3n de server side request forgery, el contenido del archivo se descargar\u00eda usando el nombre de archivo en la URL. La ruta del archivo descargado podr\u00eda recuperarse enviando una solicitud a `/api/projects/{project_id}/file-uploads?ids=[{download_id}]` donde `{project_id}` era el ID del proyecto y `{ download_id}` era el ID del archivo descargado. Una vez que el endpoint API anterior recuper\u00f3 la ruta del archivo descargado, las l\u00edneas `data_import/api.py` 595C1 a 616C62 demostraron que el `Content-Type` de la respuesta estaba determinado por la extensi\u00f3n del archivo, ya que `mimetypes.guess_type` adivina el `Tipo de contenido` basado en la extensi\u00f3n del archivo. Dado que el \"Tipo de contenido\" estaba determinado por la extensi\u00f3n del archivo descargado, un atacante podr\u00eda importar un archivo \".html\" que ejecutar\u00eda JavaScript cuando lo visitara. La versi\u00f3n 1.10.1 contiene un parche para este problema. Tambi\u00e9n se encuentran disponibles otras estrategias de remediaci\u00f3n. Para todos los archivos proporcionados por el usuario que Label Studio descarga, configure el encabezado de respuesta `Content-Security-Policy: sandbox;` cuando se vea en el sitio. La directiva `sandbox` restringe las acciones de una p\u00e1gina para evitar ventanas emergentes, la ejecuci\u00f3n de complementos y scripts y aplica una pol\u00edtica de `mismo origen`. Alternativamente, restrinja las extensiones de archivos permitidas que se pueden descargar."}], "id": "CVE-2024-23633", "lastModified": "2024-02-01T15:47:45.103", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-01-24T00:15:08.373", "references": [{"source": "security-advisories@github.com", "tags": ["Not Applicable"], "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox"}, {"source": "security-advisories@github.com", "tags": ["Product"], "url": "https://github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/api.py#L595C1-L616C62"}, {"source": "security-advisories@github.com", "tags": ["Product"], "url": "https://github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/uploader.py#L125C5-L146"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-fq23-g58m-799r"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction Required

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction Required

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object