CVE-2024-5062

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-5062

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-5062.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-5062

Aliases

Published

2024-06-30T16:15:03Z

Modified

2025-01-18T22:56:51.683441Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0.57.1. The vulnerability exists due to improper neutralization of input during web page generation, specifically within the survey redirect parameter. This flaw allows an attacker to redirect users to a specified URL after completing a survey, without proper validation of the 'redirect' parameter. Consequently, an attacker can execute arbitrary JavaScript code in the context of the user's browser session. This vulnerability could be exploited to steal cookies, potentially leading to account takeover.

References

Affected packages

Git / github.com/zenml-io/zenml

Affected ranges

Type: GIT
Repo: https://github.com/zenml-io/zenml
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

21edd863c0ba53c1110b6f018a07c2d6853cf6d4

Fixed

21edd863c0ba53c1110b6f018a07c2d6853cf6d4

Affected versions

0.*

0.1.0

0.1.1

0.1.2

0.1.3

0.1.3rc0

0.1.4

0.1.5

0.10.0

0.11.0

0.12.0

0.13.0

0.13.1

0.13.2

0.2.0

0.2.0rc1

0.2.0rc2

0.20.3

0.20.5

0.21.0

0.21.1

0.22.0

0.23.0

0.3.0

0.3.1

0.3.1rc0

0.3.2

0.3.3

0.3.3rc0

0.3.4

0.3.4rc0

0.3.5

0.3.5rc0

0.3.6

0.3.6.1

0.3.6rc0

0.3.7

0.3.7.1rc0

0.3.7.1rc1

0.3.7.1rc2

0.3.7.1rc3

0.3.7.1rc4

0.3.7.1rc5

0.3.7rc0

0.3.8

0.3.9rc1

0.3.9rc2

0.30.0

0.31.0

0.31.1

0.32.0

0.32.1

0.33.0

0.34.0

0.35.0

0.35.1

0.36.1

0.37.0

0.38.0

0.39.0

0.39.1

0.40.0

0.40.1

0.40.2

0.41.0

0.42.0

0.43.0

0.44.0

0.44.1

0.44.2

0.44.3

0.45.0

0.45.1

0.45.2

0.45.3

0.45.4

0.45.5

0.45.6

0.46.1

0.47.0

0.5.0

0.5.0rc1

0.5.0rc2

0.5.1

0.5.2

0.5.3

0.5.4

0.5.5

0.5.6

0.5.7

0.54.0

0.54.1

0.55.0

0.55.1

0.55.2

0.55.4

0.55.5

0.56.0

0.56.1

0.56.2

0.56.4

0.57.0

0.57.0rc1

0.57.0rc2

0.57.1

0.6.0

0.6.1

0.6.2

0.6.3

0.7.0

0.7.1

0.8.1

0.8.1rc0

0.9.0