CVE-2024-41665 - Vulnerability Details - OpenCVE

Ampache, a web based audio/video streaming application and file manager, has a stored cross-site scripting (XSS) vulnerability in versions prior to 6.6.0. This vulnerability exists in the "Playlists - Democratic - Configure Democratic Playlist" feature. An attacker with Content Manager permissions can set the Name field to `<svg onload=alert(8)>`. When any administrator or user accesses the Democratic functionality, they will be affected by this stored XSS vulnerability. The attacker can exploit this vulnerability to obtain the cookies of any user or administrator who accesses the `democratic.php` file. Version 6.6.0 contains a patch for the issue.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ampache	Ampache

Configuration 1 [-]

cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/ampache/ampache/security/advisories/GHSA-cp44-89r2-fxph

History

Mon, 03 Feb 2025 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Ampache Ampache ampache
CPEs		cpe:2.3:a:ampache:ampache::::::::
Vendors & Products		Ampache Ampache ampache

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-07-23T17:14:56.459Z

Updated: 2024-08-02T04:46:52.459Z

Reserved: 2024-07-18T15:21:47.484Z

Link: CVE-2024-41665

Vulnrichment

Updated: 2024-08-02T04:46:52.459Z

NVD

Status : Analyzed

Published: 2024-07-23T18:15:06.790

Modified: 2025-02-03T15:33:40.453

Link: CVE-2024-41665

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41665", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-07-18T15:21:47.484Z", "datePublished": "2024-07-23T17:14:56.459Z", "dateUpdated": "2024-08-02T04:46:52.459Z"}, "containers": {"cna": {"title": "Ampache Stored Cross-site Scripting Vulnerability", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/ampache/ampache/security/advisories/GHSA-cp44-89r2-fxph", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ampache/ampache/security/advisories/GHSA-cp44-89r2-fxph"}], "affected": [{"vendor": "ampache", "product": "ampache", "versions": [{"version": "< 6.6.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-23T17:14:56.459Z"}, "descriptions": [{"lang": "en", "value": "Ampache, a web based audio/video streaming application and file manager, has a stored cross-site scripting (XSS) vulnerability in versions prior to 6.6.0. This vulnerability exists in the \"Playlists - Democratic - Configure Democratic Playlist\" feature. An attacker with Content Manager permissions can set the Name field to `<svg onload=alert(8)>`. When any administrator or user accesses the Democratic functionality, they will be affected by this stored XSS vulnerability. The attacker can exploit this vulnerability to obtain the cookies of any user or administrator who accesses the `democratic.php` file. Version 6.6.0 contains a patch for the issue."}], "source": {"advisory": "GHSA-cp44-89r2-fxph", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "ampache", "product": "ampache", "cpes": ["cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "6.6.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-23T20:06:51.489479Z", "id": "CVE-2024-41665", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-23T20:07:21.477Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:46:52.459Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/ampache/ampache/security/advisories/GHSA-cp44-89r2-fxph", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/ampache/ampache/security/advisories/GHSA-cp44-89r2-fxph"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/ampache/ampache/security/advisories/GHSA-cp44-89r2-fxph", "name": "https://github.com/ampache/ampache/security/advisories/GHSA-cp44-89r2-fxph", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:46:52.459Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41665", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-23T20:06:51.489479Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*"], "vendor": "ampache", "product": "ampache", "versions": [{"status": "affected", "version": "0", "lessThan": "6.6.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-23T20:07:18.343Z"}}], "cna": {"title": "Ampache Stored Cross-site Scripting Vulnerability", "source": {"advisory": "GHSA-cp44-89r2-fxph", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "ampache", "product": "ampache", "versions": [{"status": "affected", "version": "< 6.6.0"}]}], "references": [{"url": "https://github.com/ampache/ampache/security/advisories/GHSA-cp44-89r2-fxph", "name": "https://github.com/ampache/ampache/security/advisories/GHSA-cp44-89r2-fxph", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Ampache, a web based audio/video streaming application and file manager, has a stored cross-site scripting (XSS) vulnerability in versions prior to 6.6.0. This vulnerability exists in the \"Playlists - Democratic - Configure Democratic Playlist\" feature. An attacker with Content Manager permissions can set the Name field to `<svg onload=alert(8)>`. When any administrator or user accesses the Democratic functionality, they will be affected by this stored XSS vulnerability. The attacker can exploit this vulnerability to obtain the cookies of any user or administrator who accesses the `democratic.php` file. Version 6.6.0 contains a patch for the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-23T17:14:56.459Z"}}}, "cveMetadata": {"cveId": "CVE-2024-41665", "state": "PUBLISHED", "dateUpdated": "2024-08-02T04:46:52.459Z", "dateReserved": "2024-07-18T15:21:47.484Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-23T17:14:56.459Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*", "matchCriteriaId": "0CE7A18A-729A-422A-A3BD-E86365DE8C72", "versionEndExcluding": "6.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Ampache, a web based audio/video streaming application and file manager, has a stored cross-site scripting (XSS) vulnerability in versions prior to 6.6.0. This vulnerability exists in the \"Playlists - Democratic - Configure Democratic Playlist\" feature. An attacker with Content Manager permissions can set the Name field to `<svg onload=alert(8)>`. When any administrator or user accesses the Democratic functionality, they will be affected by this stored XSS vulnerability. The attacker can exploit this vulnerability to obtain the cookies of any user or administrator who accesses the `democratic.php` file. Version 6.6.0 contains a patch for the issue."}, {"lang": "es", "value": " Ampache, una aplicaci\u00f3n de transmisi\u00f3n de audio/v\u00eddeo y administrador de archivos basada en web, tiene una vulnerabilidad de Cross Site Scripting (XSS) almacenadas en versiones anteriores a la 6.6.0. Esta vulnerabilidad existe en la funci\u00f3n \"Playlists - Democratic - Configure Democratic Playlist\". Un atacante con permisos de Administrador de contenido puede establecer el campo Name en ``. Cuando cualquier administrador o usuario acceda a la funcionalidad Democratic, se ver\u00e1 afectado por esta vulnerabilidad de XSS almacenado. El atacante puede aprovechar esta vulnerabilidad para obtener las cookies de cualquier usuario o administrador que acceda al archivo `democratic.php`. La versi\u00f3n 6.6.0 contiene un parche para el problema."}], "id": "CVE-2024-41665", "lastModified": "2025-02-03T15:33:40.453", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 3.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-23T18:15:06.790", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/ampache/ampache/security/advisories/GHSA-cp44-89r2-fxph"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/ampache/ampache/security/advisories/GHSA-cp44-89r2-fxph"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}