CVE-2022-46151 Information
Description
Querybook is an open source data querying UI. In affected versions, user-provided data is not escaped in the error field of the auth callback URL in querybook/server/app/auth/oauth_auth.py and querybook/server/app/auth/okta_auth.py. This may allow attackers to perform reflected cross-site scripting (XSS) if Content Security Policy (CSP) is not enabled or unsafe-inline is allowed. Users are advised to upgrade to the latest patched version of querybook (version 3.14.2 or greater). Users unable to upgrade may enable CSP and not allow unsafe-inline, or manually escape query parameters in a reverse proxy.
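The following is an added illustration of the bug class and the two mitigations the advisory names; it is not Querybook's code and does not reproduce the actual patch. It assumes a hypothetical callback handler that echoes the `error` query parameter into HTML, shows the unescaped rendering beside the escaped one, and includes a small check for whether a CSP header would still permit inline script.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Constructed sample callback URL (hypothetical host): the identity provider's
# "error" parameter carries markup that a handler would reflect into the page.
SAMPLE_CALLBACK = (
    "https://querybook.example/oauth2callback"
    "?error=%22%3E%3Cb%3Enot-from-okta%3C%2Fb%3E"
)


def error_from_callback(url: str) -> str:
    """Return the decoded 'error' query parameter, or '' if absent."""
    query = parse_qs(urlsplit(url).query)
    return query.get("error", [""])[0]


def render_error_unsafe(error: str) -> str:
    """Vulnerable pattern: user-controlled text concatenated into HTML as-is."""
    return f"<p>Authentication failed: {error}</p>"


def render_error_safe(error: str) -> str:
    """Hardened pattern: HTML-escape before embedding; quote=True also escapes
    quotes so the value cannot break out of an attribute context."""
    return f"<p>Authentication failed: {html.escape(error, quote=True)}</p>"


def csp_allows_inline(csp_header: str) -> bool:
    """True if this Content-Security-Policy would let a reflected inline script run.

    Uses script-src, falling back to default-src. A missing policy allows inline.
    'unsafe-inline' is ignored by browsers when a nonce- or hash-source is present
    (CSP Level 2+), so that combination is treated as blocking inline script.
    """
    directives = {}
    for part in csp_header.split(";"):
        tokens = part.split()
        if tokens:
            directives[tokens[0].lower()] = [t.strip("'").lower() for t in tokens[1:]]
    sources = directives.get("script-src", directives.get("default-src"))
    if sources is None:
        return True
    has_nonce_or_hash = any(
        s.startswith(("nonce-", "sha256-", "sha384-", "sha512-")) for s in sources
    )
    return "unsafe-inline" in sources and not has_nonce_or_hash
```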
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Reference
https://github.com/pinterest/querybook/security/advisories/GHSA-mrrw-9wf7-xq6w
https://github.com/pinterest/querybook/commit/88a7f10495bf5ed1a556ade51a2f2794e403c063
Attack Complexity: LOW
Privileges Required: NONE
User Interaction Required: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE
Base Score: 6.1
Base Severity: MEDIUM