Miggo Logo

CVE-2015-4707: Improper Neutralization of Input During Web Page Generation in IPython

6.1

CVSS Score
3.1

Basic Information

EPSS Score
0.73259%
Published
5/13/2022
Updated
9/23/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
ipythonpip>= 0, < 3.2.03.2.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from error responses (including user-controllable input) being served with text/html Content-Type. The critical fixes in the commit 7222bd5: (1) introduced APIHandler to enforce 'application/json' headers, and (2) modified the json_errors decorator to explicitly set this header during exception handling. Functions like write_error and API endpoint handlers (e.g., ApiVersionHandler.get) relied on these mechanisms. Prior to the patch, missing headers allowed XSS when error messages containing attacker-controlled data were reflected without proper escaping or content type restrictions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*ross-sit* s*riptin* (XSS) vuln*r**ility in IPyt*on ***or* *.* *llows r*mot* *tt**k*rs to inj**t *r*itr*ry w** s*ript or *TML vi* v**tors involvin* JSON *rror m*ss***s *n* t** /*pi/not**ooks p*t*.

Reasoning

T** vuln*r**ility st*mm** *rom *rror r*spons*s (in*lu*in* us*r-*ontroll**l* input) **in* s*rv** wit* t*xt/*tml *ont*nt-Typ*. T** *riti**l *ix*s in t** *ommit *******: (*) intro*u*** *PI**n*l*r to *n*or** '*ppli**tion/json' *****rs, *n* (*) mo*i*i** t