CVE-2023-5115
Cross-Site Scripting (XSS) vulnerability in ansible (PyPI)

Cross-Site Scripting (XSS) No known exploit

What is CVE-2023-5115 About?

This is a reflected Cross-Site Scripting (XSS) vulnerability found in the mlflow/mlflow repository. Attackers can inject malicious JavaScript via the 'Content-Type' header, causing arbitrary script execution in the victim's browser. This vulnerability is relatively easy to exploit, requiring specific header manipulation.

Affected Software

ansible <8.5.0

Technical Details

The vulnerability lies in the 'mlflow/server/auth/init.py' file, where the application improperly handles the 'Content-Type' header in POST requests. An attacker crafts a POST request with a malicious 'Content-Type' header containing JavaScript code. The application directly inserts this unsanitized header value into a Python formatted string which is then reflected back to the user's browser. Since no adequate sanitization or escaping occurs, the browser executes the injected JavaScript in the context of the victim's session, leading to an XSS attack.
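The pattern described above, shown as an added example that is not code from the affected project: a handler that formats the request's 'Content-Type' header straight into an HTML error body, next to a hardened version that escapes the value and serves it as plain text. The function names, the allowlist and the sample header value are assumptions made for illustration.

```python
import html

# Assumed allowlist for a hypothetical JSON-only endpoint.
ALLOWED_TYPES = {"application/json"}


def unsafe_error(content_type):
    """Vulnerable pattern: the header value is formatted into an HTML body as-is."""
    body = f"<p>Invalid content type: '{content_type}'</p>"
    return 400, {"Content-Type": "text/html"}, body


def safe_error(content_type):
    """Hardened: escape the reflected value and make the response non-HTML."""
    escaped = html.escape(content_type, quote=True)
    body = f"Invalid content type: '{escaped}'"
    headers = {
        "Content-Type": "text/plain; charset=utf-8",
        "X-Content-Type-Options": "nosniff",  # stop browsers sniffing it as HTML
    }
    return 400, headers, body


def check_content_type(content_type, error=safe_error):
    """Return None when the media type is allowed, otherwise an error response."""
    media = content_type.split(";", 1)[0].strip().lower()
    if media in ALLOWED_TYPES:
        return None
    return error(content_type)


if __name__ == "__main__":
    sample = "text/html<script>alert(1)</script>"  # constructed test value
    print(check_content_type(sample, unsafe_error)[2])  # markup reflected intact
    print(check_content_type(sample)[2])                # markup neutralised
```

Either measure alone (escaping, or a non-HTML response type with nosniff) breaks the reflection; applying both keeps the response safe if one is later removed.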

What is the Impact of CVE-2023-5115?

Successful exploitation may allow attackers to steal session cookies, deface web pages, redirect users to malicious sites, or perform actions on behalf of the victim.

What is the Exploitability of CVE-2023-5115?

Exploitation requires crafting a specific POST request with a malicious 'Content-Type' header. It is a client-side vulnerability, meaning the malicious script runs in the victim's browser, typically requiring user interaction (e.g., clicking a link or visiting a malicious page that triggers the request). No authentication is typically required for the initial script injection, but the impact is within an authenticated user's session. It is a remote exploitation scenario, and the primary risk factor is the application's failure to sanitize user-supplied input that is reflected in the response.

What are the Known Public Exploits?

PoC Author Link Commentary
No known exploits

What are the Available Fixes for CVE-2023-5115?

Available Upgrade Options

  • ansible
    • <8.5.0 → Upgrade to 8.5.0

Additional Resources

What are Similar Vulnerabilities to CVE-2023-5115?

Similar Vulnerabilities: CVE-2023-49272, CVE-2023-49271, CVE-2023-49273, CVE-2023-49270, CVE-2023-49269