CVE-2022-46151

Reflected XSS

CVSS 6.3 MEDIUMEPSS 0.4%CWE-79

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.3EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

06 Dec 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Querybook is an open source data querying UI. In affected versions user provided data is not escaped in the error field of the auth callback url in `querybook/server/app/auth/oauth_auth.py` and `querybook/server/app/auth/okta_auth.py`. This may allow attackers to perform reflected cross site scripting (XSS) if Content Security Policy (CSP) is not enabled or `unsafe-inline` is allowed. Users are advised to upgrade to the latest, patched version of querybook (version 3.14.2 or greater). Users unable to upgrade may enable CSP and not allow unsafe-inline or manually escape query parameters in a reverse proxy.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected products

pinterest · querybook

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/pinterest/querybook/commit/88a7f10495bf5ed1a556ade51a2f2794e403c063 https://github.com/pinterest/querybook/security/advisories/GHSA-mrrw-9wf7-xq6w