CVE-2024-29133
Cross-site scripting (XSS) vulnerability in commons-configuration2 (Maven)

Cross-site scripting (XSS) | No known exploit

What is CVE-2024-29133 About?

A Cross-site scripting (XSS) vulnerability exists in Selenium Grid v3.141.59, allowing attackers to inject arbitrary web scripts or HTML. This is achieved through a crafted payload in the `hub` parameter on the `/grid/console` page. The result is client-side script execution, and exploitation is relatively straightforward because it relies on parameter manipulation.

Affected Software

org.apache.commons:commons-configuration2 >2.0, <2.10.1

Technical Details

The Cross-site scripting (XSS) vulnerability in Selenium Grid v3.141.59 is located on the /grid/console page. An attacker can inject arbitrary web scripts or HTML by crafting a malicious payload and supplying it via the hub parameter in the URL. When the /grid/console page is rendered, the application fails to properly sanitize or encode the content of the hub parameter before it is reflected in the HTML output. This allows the injected script to execute in the victim's browser context, leading to XSS.

What is the Impact of CVE-2024-29133?

Successful exploitation may allow attackers to execute arbitrary scripts in the context of the user's browser, hijack user sessions, deface the web interface, or redirect users to malicious sites.

What is the Exploitability of CVE-2024-29133?

Exploitation of this XSS vulnerability is of low complexity. It requires an attacker to craft a malicious payload and inject it into the hub parameter of the /grid/console page. This is a remote attack and typically does not require any specific authentication or elevated privileges, as the affected page is often publicly accessible or accessible with standard user credentials. The primary prerequisite is the ability to send HTTP requests to the target Selenium Grid instance. The vulnerability is specific to the /grid/console page and the hub parameter. Risk factors include publicly exposed Selenium Grid instances and scenarios where users can be tricked into clicking malicious links.

What are the Known Public Exploits?

No known exploits

What are the Available Fixes for CVE-2024-29133?

Available Upgrade Options

  • org.apache.commons:commons-configuration2
    • >2.0, <2.10.1 → Upgrade to 2.10.1
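
To check a build against the range listed above, the following added example (not from the advisory or the Apache project) scans the text output of `mvn dependency:list` for `org.apache.commons:commons-configuration2` versions inside `>2.0, <2.10.1`. It assumes the usual `group:artifact:type[:classifier]:version:scope` line format and ignores qualifiers such as `-SNAPSHOT`; the function names and the sample output are constructed for illustration.

```python
import re

# Affected range as listed on this page: >2.0, <2.10.1 (fixed in 2.10.1).
ARTIFACT = "org.apache.commons:commons-configuration2"
LOWER_EXCLUSIVE = (2, 0, 0)
UPPER_EXCLUSIVE = (2, 10, 1)

def parse_version(text):
    """Return the leading numeric part as a 3-tuple (qualifiers ignored), or None."""
    match = re.match(r"(\d+(?:\.\d+)*)", text)
    if not match:
        return None
    parts = [int(p) for p in match.group(1).split(".")][:3]
    return tuple(parts + [0] * (3 - len(parts)))  # pad so 2.0 == 2.0.0

def is_affected(version_text):
    version = parse_version(version_text)
    return version is not None and LOWER_EXCLUSIVE < version < UPPER_EXCLUSIVE

def find_affected(dependency_list_output):
    """Scan `mvn dependency:list` output and return affected coordinates."""
    hits = []
    for line in dependency_list_output.splitlines():
        tokens = line.replace("[INFO]", "").split()
        if not tokens:
            continue
        fields = tokens[0].split(":")
        # group:artifact:type:version:scope, or with a classifier before version
        if len(fields) not in (5, 6) or ":".join(fields[:2]) != ARTIFACT:
            continue
        version = fields[-2]
        if is_affected(version):
            hits.append(f"{ARTIFACT}:{version}")
    return hits

# Constructed sample output, not taken from a real build.
SAMPLE = """\
[INFO] The following files have been resolved:
[INFO]    org.apache.commons:commons-configuration2:jar:2.9.0:compile
[INFO]    org.apache.commons:commons-configuration2:jar:2.10.1:compile
[INFO]    org.apache.commons:commons-lang3:jar:3.14.0:compile
[INFO]    org.apache.commons:commons-configuration2:jar:2.0:test
"""

if __name__ == "__main__":
    for hit in find_affected(SAMPLE):
        print("affected:", hit, "-> upgrade to 2.10.1")
```

Transitive copies of the library show up in the same listing, so run it against the full resolved dependency list rather than only the declared dependencies.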

What are Similar Vulnerabilities to CVE-2024-29133?

Similar Vulnerabilities: CVE-2023-42465, CVE-2023-28956, CVE-2023-38501, CVE-2023-45479, CVE-2023-21950