CVE-2024-30264

{"id": "CVE-2024-30264", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2024-04-04T21:15:16.380", "references": [{"url": "https://github.com/baptisteArno/typebot.io/blob/v2.23.0/apps/builder/src/features/auth/components/SignInForm.tsx#L35", "source": "security-advisories@github.com"}, {"url": "https://github.com/baptisteArno/typebot.io/commit/d0be29e25732c410b561cbc3c5607c3c1d4b6c8e", "source": "security-advisories@github.com"}, {"url": "https://github.com/baptisteArno/typebot.io/security/advisories/GHSA-mx2f-9mcr-8j73", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Typebot is an open-source chatbot builder. A reflected cross-site scripting (XSS) in the sign-in page of typebot.io prior to version 2.24.0 may allow an attacker to hijack a user's account. The sign-in page takes the `redirectPath` parameter from the URL. If a user clicks on a link where the `redirectPath` parameter has a javascript scheme, the attacker that crafted the link may be able to execute arbitrary JavaScript with the privileges of the user. Version 2.24.0 contains a patch for this issue."}, {"lang": "es", "value": "Typebot es un creador de chatbots de c\u00f3digo abierto. Un cross-site scripting (XSS) reflejado en la p\u00e1gina de inicio de sesi\u00f3n de typebot.io antes de la versi\u00f3n 2.24.0 puede permitir que un atacante se apodere de la cuenta de un usuario. La p\u00e1gina de inicio de sesi\u00f3n toma el par\u00e1metro `redirectPath` de la URL. Si un usuario hace clic en un enlace donde el par\u00e1metro `redirectPath` tiene un esquema javascript, el atacante que cre\u00f3 el enlace puede ejecutar JavaScript arbitrario con los privilegios del usuario. La versi\u00f3n 2.24.0 contiene un parche para este problema."}], "lastModified": "2024-04-05T12:40:52.763", "sourceIdentifier": "security-advisories@github.com"}