CVE-2023-43791
published 2023-11-09CVE-2023-43791: Label Studio is a multi-type data labeling and annotation tool with standardized output format. There is a vulnerability that can be chained within the ORM…
PriorityP357high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.24%
65.5th percentile
Label Studio is a multi-type data labeling and annotation tool with standardized output format. There is a vulnerability that can be chained within the ORM Leak vulnerability to impersonate any account on Label Studio. An attacker could exploit these vulnerabilities to escalate their privileges from a low privilege user to a Django Super Administrator user. The vulnerability was found to affect versions before `1.8.2`, where a patch was introduced.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| humansignal | label-studio | <= 1.8.1 | — |
| humansignal | label-studio | >= 0 < 3d06c5131c15600621e08b06f07d976887cde81b | 3d06c5131c15600621e08b06f07d976887cde81b |
| humansignal | label-studio | >= 0 < 1.8.2 | 1.8.2 |
| humansignal | label_studio | < 1.8.2 | 1.8.2 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Liferay Portal vulnerable to Cross-site Scripting
ghsa·2025-09-15
CVE-2025-43791 [MEDIUM] CWE-79 Liferay Portal vulnerable to Cross-site Scripting
Liferay Portal vulnerable to Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.3.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA through update 36 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a "Rich Text" type field to (1) a web content structure, (2) a Documents and Media Document Type , or (3) custom assets that uses the Data Engine's module Rich Text field.
OSV
CVE-2023-43791: Label Studio is a multi-type data labeling and annotation tool with standardized output format
osv·2023-11-09
CVE-2023-43791 CVE-2023-43791: Label Studio is a multi-type data labeling and annotation tool with standardized output format
Label Studio is a multi-type data labeling and annotation tool with standardized output format. There is a vulnerability that can be chained within the ORM Leak vulnerability to impersonate any account on Label Studio. An attacker could exploit these vulnerabilities to escalate their privileges from a low privilege user to a Django Super Administrator user. The vulnerability was found to affect versions before `1.8.2`, where a patch was introduced.
GHSA
Label Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session Tokens
ghsa·2023-11-09
CVE-2023-43791 [CRITICAL] CWE-200 Label Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session Tokens
Label Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session Tokens
# Introduction
This write-up describes a vulnerability found in [Label Studio](https://github.com/HumanSignal/label-studio), a popular open source data labeling tool. The vulnerability was found to affect versions before `1.8.2`, where a patch was introduced.
# Overview
In [Label Studio version 1.8.1](https://github.com/HumanSignal/label-studio/tree/1.8.1), a hard coded Django `SECRET_KEY` was set in the application settings. The Django `SECRET_KEY` is used for signing session tokens by the web application framework, and should never be shared with unauthorised parties.
However, the Django framework inserts a `_auth_user_hash` claim in the session token that is a HMAC hash of the account's passwo
OSV
Label Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session Tokens
osv·2023-11-09
CVE-2023-43791 [CRITICAL] Label Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session Tokens
Label Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session Tokens
# Introduction
This write-up describes a vulnerability found in [Label Studio](https://github.com/HumanSignal/label-studio), a popular open source data labeling tool. The vulnerability was found to affect versions before `1.8.2`, where a patch was introduced.
# Overview
In [Label Studio version 1.8.1](https://github.com/HumanSignal/label-studio/tree/1.8.1), a hard coded Django `SECRET_KEY` was set in the application settings. The Django `SECRET_KEY` is used for signing session tokens by the web application framework, and should never be shared with unauthorised parties.
However, the Django framework inserts a `_auth_user_hash` claim in the session token that is a HMAC hash of the account's passwo
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81bhttps://github.com/HumanSignal/label-studio/pull/4690https://github.com/HumanSignal/label-studio/releases/tag/1.8.2https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5mhttps://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81bhttps://github.com/HumanSignal/label-studio/pull/4690https://github.com/HumanSignal/label-studio/releases/tag/1.8.2https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m
2023-11-09
Published