
CVE-2024-41675: CKAN has Cross-site Scripting vector in the Datatables view plugin

CVSS 3.1 Score: 6.8

Basic Information

EPSS Score: 0.52565%
Published: 8/21/2024
Updated: 8/21/2024
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

Package Name: ckan
Ecosystem: pip
Vulnerable Versions: >= 2.7.0, < 2.10.5
First Patched Version: 2.10.5

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability stems from unescaped data handling in the ajax endpoint of the datatables_view plugin. The commit diff shows that the fix adds HTML escaping to the record construction loop in blueprint.py. The original code converted each cell value with str() and no escaping (CWE-79); the patched version wraps that conversion in html.escape(). The test case added in test_ajax.py sends the payload 'a < b && a > 0' and checks that the response carries it as 'a &lt; b &amp;&amp; a &gt; 0', confirming the vulnerable data flow path from DataStore record to ajax response.
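The following is an added example, not CKAN's own code, that models the record construction loop the analysis describes: DataStore rows are stringified cell by cell for the DataTables client, first with bare str() (pre-fix behaviour) and then with html.escape() around it (post-fix behaviour). The function names, the SAMPLE_RECORDS rows and the column list are constructed stand-ins for the real blueprint.py code; only the escaping call and the 'a < b && a > 0' payload come from the page.

```python
"""Added example (not CKAN code): unescaped vs. escaped DataTables cell building."""
import html
import json

# Constructed sample of what a DataStore search might return. The "name"
# column is attacker-controlled: whoever uploaded the resource chose it.
SAMPLE_RECORDS = [
    {"_id": 1, "name": "a < b && a > 0", "count": 3},          # payload from test_ajax.py
    {"_id": 2, "name": '<img src=x onerror="alert(1)">', "count": None},
    {"_id": 3, "name": "plain text", "count": 7},
]
COLUMNS = ["_id", "name", "count"]  # hypothetical column order sent to the client


def build_rows_vulnerable(records, columns):
    """Pre-fix loop: str() only, so <, > and & reach the client untouched (CWE-79)."""
    return [[str(rec[col]) for col in columns] for rec in records]


def build_rows_fixed(records, columns):
    """Post-fix loop: the same str() conversion wrapped in html.escape().

    html.escape() with its default quote=True also turns " and ' into
    entities, which is what keeps attribute-context payloads inert.
    """
    return [[html.escape(str(rec[col])) for col in columns] for rec in records]


def ajax_response(rows):
    """JSON body of the kind an ajax endpoint hands to the DataTables client."""
    return json.dumps({"data": rows})


def contains_raw_markup(rows):
    """Check used by the test: does any cell still contain a raw < or >?"""
    return any("<" in cell or ">" in cell for row in rows for cell in row)


if __name__ == "__main__":
    print("vulnerable:", ajax_response(build_rows_vulnerable(SAMPLE_RECORDS, COLUMNS)))
    print("fixed:     ", ajax_response(build_rows_fixed(SAMPLE_RECORDS, COLUMNS)))
```

The escaping belongs on the server only because the client in this design inserts the returned strings into the page as HTML; that is the assumption under which a JSON API needs output encoding, and a client that already rendered the values as text would double-escape them. Note also that str(None) becomes the literal "None" in both versions, so the fix changes nothing for non-string cells other than making them safe to render.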


WAF Protection Rules

WAF Rule

The datatables view plugin (https://docs.ckan.org/en/2.10/maintaining/data-viewer.html#datatables-view) did not properly escape record data coming from the DataStore, leading to a potential XSS vector.

Impact
Sites running CKAN >= 2.7.0 with t
