Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run JavaScript cannot be shared by default; however (because of misconfigured Firebase ACLs), it is possible to create or update a boost using another user's ID. This installs the boost in the victim's browser and runs arbitrary JavaScript on that browser in a privileged context. NOTE: this is a no-action cloud vulnerability with zero affected users.
History
Fri, 20 Sep 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run JavaScript cannot be shared by default; however, it is possible to create or update a boost using another user's ID. This installs the boost in the victim's browser and runs arbitrary Javascript on that browser in a privileged context. | Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run JavaScript cannot be shared by default; however (because of misconfigured Firebase ACLs), it is possible to create or update a boost using another user's ID. This installs the boost in the victim's browser and runs arbitrary Javascript on that browser in a privileged context. NOTE: this is a no-action cloud vulnerability with zero affected users. |
References | | |
Fri, 20 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared | | The Browser Company; The Browser Company arc |
Weaknesses | | CWE-284 |
CPEs | | cpe:2.3:a:the_browser_company:arc:*:*:*:*:*:*:*:* |
Vendors & Products | | The Browser Company; The Browser Company arc |
Metrics | | cvssV3_1 |
Fri, 20 Sep 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | | Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run JavaScript cannot be shared by default; however, it is possible to create or update a boost using another user's ID. This installs the boost in the victim's browser and runs arbitrary Javascript on that browser in a privileged context. |
References | | |
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-09-20T00:00:00
Updated: 2024-09-20T18:44:54.069475
Reserved: 2024-08-30T00:00:00
Link: CVE-2024-45489
Vulnrichment
Updated: 2024-09-20T17:24:40.776Z
NVD
Status: Awaiting Analysis
Published: 2024-09-20T17:15:15.060
Modified: 2024-09-26T13:32:55.343
Link: CVE-2024-45489
Redhat
No data.