CVE-2024-27290
Published 2024-03-21
Priority P427, medium, 6.1 (CVSS 3.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.43% (34.7th percentile)
Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, a user could type HTML into a field, including the field for the user's name, and then that HTML could be displayed on the screen as HTML. The vulnerability has been patched in version 1.4.97 of the master branch.
Affected
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jhpyle | docassemble | < 1.4.97 | 1.4.97 |
OSV
Docassemble HTML and javascript injection
osv·2024-02-29
CVE-2024-27290 [MEDIUM] Docassemble HTML and javascript injection
### Impact
A user could type HTML into a field, including the field for the user's name, and then that HTML could be displayed on the screen as HTML. The HTML can also contain `<script>` tags allowing JavaScript to execute on the page.
### Patches
The vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched.
### Workarounds
If upgrading is not possible, manually apply the changes of [4801ac7](https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa) and restart the server (e.g., by pressing Save on the Configuration screen).
### Credit
The vulnerability was discovered by Riyush Ghimire (@richighimi).
### For more information
If you have any questions or comments
GHSA
Docassemble HTML and javascript injection
ghsa·2024-02-29
CVE-2024-27290 [MEDIUM] CWE-79 Docassemble HTML and javascript injection
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa
https://github.com/jhpyle/docassemble/security/advisories/GHSA-pcfx-g2j2-f6f6
2024-03-21
Published