CVE-2023-24810
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-24810
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-24810.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-24810
- Aliases
-
- GHSA-cc6r-chgr-8r5m
- Published
- 2023-02-22T19:15:34Z
- Modified
- 2025-10-15T02:27:46.178426Z
- Severity
-
- 7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L CVSS Calculator
- Summary
- Cross site scripting (XSS) vulnerability using authentication callback in Misskey
- Details
-
Misskey is an open source, decentralized social media platform. Due to insufficient validation of the redirect URL during
miauthauthentication in Misskey, arbitrary JavaScript can be executed when a user allows the link. All versions below 13.3.1 (including 12.x) are affected. This has been fixed in version 13.3.1. Users are advised to upgrade. Users unable to upgrade should not allow authentication of untrusted apps. - References
Affected packages
Git / github.com/misskey-dev/misskey
Affected ranges
- Type
- GIT
- Repo
- https://github.com/misskey-dev/misskey
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.0.5018
0.0.5023
0.0.5030
0.0.5042
0.0.5051
0.0.5064
0.0.5074
0.0.5089
1.*
1.0.0
1.1.0
1.2.0
1.3.0
1.4.0
1.5.0
1.6.0
1.7.0
10.*
10.0.0
10.1.0
10.10.0
10.10.1
10.100.0
10.11.0
10.11.1
10.12.0
10.12.1
10.13.0
10.14.0
10.15.0
10.16.0
10.17.0
10.18.0
10.19.0
10.2.0
10.2.1
10.20.0
10.21.0
10.21.1
10.21.2
10.21.3
10.22.0
10.22.1
10.23.0
10.23.1
10.24.0
10.25.0
10.26.0
10.27.0
10.28.0
10.29.0
10.29.1
10.3.0
10.30.0
10.30.1
10.30.2
10.30.3
10.31.0
10.32.0
10.33.0
10.34.0
10.35.0
10.35.1
10.36.0
10.36.1
10.37.0
10.38.0
10.38.1
10.38.2
10.38.3
10.38.4
10.38.5
10.38.6
10.38.7
10.38.8
10.39.0
10.39.1
10.4.0
10.40.0
10.40.1
10.41.0
10.42.0
10.42.2
10.43.0
10.43.1
10.44.0
10.44.1
10.44.2
10.45.0
10.46.0
10.46.1
10.46.2
10.47.0
10.48.0
10.48.1
10.49.0
10.49.1
10.49.2
10.49.3
10.49.4
10.49.5
10.49.6
10.49.7
10.5.0
10.50.0
10.51.0
10.51.1
10.51.2
10.52.0
10.53.0
10.54.0
10.55.0
10.56.0
10.56.1
10.56.2
10.57.0
10.57.1
10.57.2
10.57.3
10.58.0
10.58.1
10.58.2
10.59.0
10.59.1
10.59.2
10.59.3
10.59.4
10.6.0
10.60.0
10.60.1
10.60.2
10.60.3
10.60.4
10.61.0
10.62.0
10.62.1
10.62.2
10.63.0
10.63.1
10.64.0
10.64.1
10.64.2
10.65.0
10.66.0
10.66.1
10.66.2
10.67.0
10.68.0
10.69.0
10.7.0
10.7.1
10.7.2
10.70.0
10.70.1
10.71.0
10.72.0
10.73.0
10.74.0
10.75.0
10.76.0
10.77.0
10.78.0
10.78.1
10.78.2
10.78.3
10.78.4
10.78.5
10.79.0
10.79.1
10.8.0
10.80.0
10.81.0
10.82.0
10.82.1
10.82.2
10.82.3
10.82.4
10.83.0
10.84.0
10.84.1
10.84.2
10.85.0
10.85.1
10.85.2
10.86.0
10.86.1
10.86.2
10.87.0
10.87.1
10.87.2
10.87.3
10.87.4
10.87.5
10.88.0
10.89.0
10.89.1
10.9.0
10.9.1
10.9.2
10.90.0
10.90.1
10.90.2
10.90.3
10.90.4
10.91.0
10.91.1
10.91.2
10.92.0
10.92.1
10.92.2
10.92.3
10.92.4
10.93.0
10.93.1
10.94.0
10.95.0
10.96.0
10.97.0
10.97.1
10.97.2
10.98.0
10.98.1
10.98.2
10.98.3
10.99.0
11.*
11.0.0
11.0.0-alpha.1
11.0.0-alpha.10
11.0.0-alpha.2
11.0.0-alpha.3
11.0.0-alpha.4
11.0.0-alpha.5
11.0.0-alpha.6
11.0.0-alpha.7
11.0.0-alpha.8
11.0.0-beta.1
11.0.0-beta.10
11.0.0-beta.11
11.0.0-beta.12
11.0.0-beta.13
11.0.0-beta.14
11.0.0-beta.15
11.0.0-beta.16
11.0.0-beta.2
11.0.0-beta.3
11.0.0-beta.4
11.0.0-beta.5
11.0.0-beta.6
11.0.0-beta.7
11.0.0-beta.8
11.0.0-beta.9
11.0.1
11.0.2
11.0.3
11.1.0
11.1.1
11.1.2
11.1.3
11.1.4
11.1.5
11.1.6
11.10.0
11.10.1
11.11.0
11.11.1
11.11.2
11.12.0
11.13.0
11.14.0
11.15.0
11.16.0
11.16.1
11.17.0
11.17.1
11.18.0
11.18.1
11.19.0
11.19.1
11.2.0
11.2.1
11.2.2
11.20.0
11.20.1
11.20.2
11.20.3
11.20.4
11.21.0
11.22.0
11.23.0
11.23.1
11.24.0
11.24.1
11.24.2
11.25.0
11.25.1
11.26.0
11.26.1
11.26.2
11.27.0
11.27.1
11.28.0
11.28.1
11.28.2
11.29.0
11.3.0
11.3.1
11.30.0
11.31.0
11.31.1
11.31.2
11.31.3
11.31.4
11.32.0
11.33.0
11.34.0
11.35.0
11.35.1
11.36.0
11.37.0
11.37.1
11.4.0
11.5.0
11.5.1
11.6.0
11.7.0
11.8.0
11.8.0-2
11.8.1
11.9.0
12.*
12.0.0
12.1.0
12.10.0
12.100.0
12.100.1
12.100.2
12.101.0
12.101.1
12.102.0
12.102.1
12.103.0
12.103.1
12.104.0
12.105.0
12.106.0
12.106.1
12.106.2
12.106.3
12.107.0
12.108.0
12.108.1
12.109.0
12.109.1
12.109.2
12.11.0
12.110.0
12.110.1
12.111.0
12.111.1
12.112.0
12.112.1
12.112.2
12.112.3
12.113.0
12.114.0
12.115.0
12.116.0
12.116.1
12.117.0
12.117.1
12.118.0
12.118.1
12.119.0
12.119.1
12.12.0
12.13.0
12.14.0
12.15.0
12.16.0
12.17.0
12.18.0
12.18.1
12.19.0
12.2.0
12.20.0
12.21.0
12.22.0
12.23.0
12.24.0
12.24.1
12.24.2
12.25.0
12.26.0
12.27.0
12.27.1
12.28.0
12.29.0
12.3.0
12.30.0
12.31.0
12.32.0
12.33.0
12.34.0
12.35.0
12.35.1
12.35.2
12.36.0
12.36.1
12.37.0
12.38.0
12.38.1
12.39.0
12.39.1
12.4.0
12.4.1
12.40.0
12.41.0
12.41.1
12.41.2
12.41.3
12.42.0
12.43.0
12.44.0
12.44.1
12.45.0
12.45.1
12.46.0
12.47.0
12.47.1
12.48.0
12.48.1
12.48.2
12.48.3
12.49.0
12.49.1
12.5.0
12.50.0
12.51.0
12.52.0
12.53.0
12.54.0
12.55.0
12.56.0
12.57.0
12.57.1
12.57.4
12.58.0
12.59.0
12.6.0
12.60.0
12.60.1
12.61.0
12.61.1
12.62.0
12.62.1
12.62.2
12.63.0
12.64.0
12.64.1
12.64.2
12.65.0
12.65.1
12.65.2
12.65.3
12.65.4
12.65.5
12.65.6
12.65.7
12.66.0
12.67.0
12.67.1
12.68.0
12.69.0
12.7.0
12.7.1
12.70.0
12.71.0
12.72.0
12.73.0
12.74.0
12.74.1
12.75.0
12.75.1
12.76.0
12.76.1
12.77.0
12.77.1
12.78.0
12.79.0
12.79.1
12.79.2
12.79.3
12.8.0
12.80.0
12.80.1
12.80.2
12.80.3
12.81.0
12.81.1
12.81.2
12.82.0
12.83.0
12.84.0
12.84.1
12.84.2
12.84.3
12.85.0
12.85.1
12.86.0
12.87.0
12.88.0
12.89.0
12.89.1
12.89.2
12.9.0
12.90.0
12.90.1
12.91.0
12.92.0
12.93.0
12.93.1
12.93.2
12.94.0
12.94.1
12.95.0
12.96.0
12.96.1
12.97.0
12.97.1
12.98.0
12.99.0
12.99.1
12.99.2
12.99.3
13.*
13.0.0
13.0.0-beta.16
13.0.0-beta.21
13.0.0-beta.22
13.0.0-beta.23
13.0.0-beta.24
13.0.0-beta.25
13.0.0-beta.26
13.0.0-beta.27
13.0.0-beta.28
13.0.0-beta.29
13.0.0-beta.30
13.0.0-beta.31
13.0.0-beta.32
13.0.0-beta.33
13.0.0-beta.34
13.0.0-beta.35
13.0.0-beta.36
13.0.0-beta.37
13.0.0-beta.38
13.0.0-beta.39
13.0.0-beta.40
13.0.0-beta.41
13.0.0-beta.42
13.0.0-beta.43
13.0.0-rc.1
13.0.0-rc.10
13.0.0-rc.11
13.0.0-rc.2
13.0.0-rc.3
13.0.0-rc.4
13.0.0-rc.5
13.0.0-rc.6
13.0.0-rc.7
13.0.0-rc.8
13.0.0-rc.9
13.1.0
13.1.0-beta.1
13.1.0-beta.2
13.1.1
13.1.2
13.1.3
13.1.4
13.1.5
13.1.6
13.1.7
13.1.8
13.2.0
13.2.1
13.2.2
13.2.3
13.2.4
13.2.5
13.2.6
13.3.0
2.*
2.0.0
2.1.1
2.1.2
2.1.3
2.1.4
2.10.0
2.10.1
2.11.0
2.12.0
2.13.0
2.14.0
2.15.0
2.16.0
2.16.1
2.16.2
2.16.3
2.16.4
2.16.5
2.16.6
2.16.7
2.16.8
2.17.0
2.18.0
2.18.2
2.19.0
2.2.0
2.20.0
2.20.1
2.21.0
2.21.1
2.22.0
2.22.1
2.22.2
2.22.3
2.23.0
2.24.0
2.24.1
2.24.2
2.25.1
2.25.2
2.27.3
2.29.0
2.29.1
2.3.0
2.3.1
2.30.0
2.30.1
2.31.0
2.32.0
2.33.0
2.33.1
2.34.0
2.34.1
2.34.3
2.35.1
2.35.2
2.35.3
2.36.1
2.37.1
2.37.2
2.37.3
2.37.4
2.37.5
2.37.6
2.37.7
2.38.2
2.38.3
2.4.0
2.40.0
2.40.1
2.41.1
2.42.0
2.5.0
2.6.2
2.7.1
2.9.0
2.9.1
3.*
3.0.1
3.1.0
3.1.1
4.*
4.10.0
4.11.0
4.12.0
4.13.0
4.14.0
4.15.0
4.17.1
4.19.1
4.2.0
4.20.0
4.22.1
4.23.1
4.24.1
4.25.0
4.26.0
4.3.0
4.3.1
4.5.0
4.7.0
4.7.1
4.9.0
5.*
5.0.0
5.1.0
5.10.0
5.11.0
5.12.0
5.13.0
5.13.1
5.13.2
5.14.0
5.15.0
5.16.0
5.17.0
5.18.0
5.19.0
5.20.0
5.20.1
5.21.0
5.22.0
5.22.1
5.23.0
5.23.1
5.23.2
5.24.0
5.24.1
5.25.0
5.3.0
5.4.0
5.5.0
5.6.1
5.6.2
6.*
6.0.0
6.0.1
6.0.2
6.1.0
6.2.0
6.3.0
6.3.2
6.4.0
6.4.1
7.*
7.0.0
7.0.2
7.1.0
7.1.1
7.1.2
7.2.0
7.3.0
7.4.0
7.4.0-2
7.4.1
8.*
8.0.0
8.1.0
8.10.0
8.11.0
8.11.1
8.12.0
8.13.0
8.14.0
8.15.0
8.16.0
8.17.0
8.18.0
8.19.0
8.19.1
8.2.0
8.20.0
8.21.0
8.21.1
8.22.0
8.23.0
8.24.0
8.25.0
8.26.0
8.27.0
8.28.0
8.28.1
8.29.0
8.3.0
8.3.1
8.30.0
8.31.0
8.32.0
8.33.0
8.33.1
8.34.0
8.34.1
8.34.2
8.34.3
8.34.4
8.35.0
8.36.0
8.37.0
8.38.0
8.39.0
8.4.0
8.40.0
8.41.0
8.42.0
8.43.0
8.44.0
8.44.1
8.45.0
8.45.1
8.46.0
8.47.0
8.48.0
8.49.0
8.5.0
8.5.1
8.5.1-2
8.50.0
8.51.0
8.52.0
8.53.0
8.54.0
8.55.0
8.56.0
8.57.0
8.57.1
8.58.0
8.59.0
8.6.0
8.60.0
8.61.0
8.62.0
8.63.0
8.64.0
8.7.0
8.8.0
8.9.0
8.9.1
8.9.2
9.*
9.0.0
9.1.0
9.2.0
9.3.0
9.3.1
9.4.0
9.5.0
9.6.0
9.7.0
9.7.1