CVE-2023-6568 MEDIUM

CVE-2023-6568: Reflected XSS via Content-Type Header in mlflow/mlflow

Vendor Mlflow
Product mlflow/mlflow
Weakness CWE-79 · XSS
Published December 7, 2023
Last update August 2, 2024
View on NVD All CVEs

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

A reflected Cross-Site Scripting (XSS) vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the Content-Type header in POST requests. An attacker can inject malicious JavaScript code into the Content-Type header, which is then improperly reflected back to the user without adequate sanitization or escaping, leading to arbitrary JavaScript execution in the context of the victim's browser. The vulnerability is present in the mlflow/server/auth/__init__.py file, where the user-supplied Content-Type header is directly injected into a Python formatted string and returned to the user, facilitating the XSS attack.

Key dates

02Disclosure timeline

December 7, 2023 CVE published
August 2, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-12507 Optio Dentistry <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-37521 WordPress zBench theme <= 1.4.2 - Cross Site Scripting (XSS) vulnerability CVE-2024-51895 WordPress Minical Hotel Booking Plugin plugin <= 1.0.2 - Stored Cross Site Scripting (XSS) vulnerability CVE-2024-45459 WordPress Product Slider for WooCommerce by PickPlugins plugin <= 1.13.50 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2024-4714 Campcodes Complete Web-Based School Management System update_subject.php cross site scripting