CVE-2024-21496 Information

Feb 18, 2024 cve

Description

All versions of the package github.com/greenpau/caddy-security are vulnerable to Cross-site Scripting (XSS) via the Referer header due to improper input sanitization. Although the Referer header is sanitized by escaping some characters that can allow XSS (e.g. [&] [<] [>] [] [’]) it does not account for the attack based on the JavaScript URL scheme (e.g. javascript:alert(document.domain)// payload). Exploiting this vulnerability may not be trivial but it could lead to the execution of malicious scripts in the context of the target user’s browser compromising user sessions.

Reference

https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6249860 https://github.com/greenpau/caddy-security/issues/267 https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/

Share on: