CVE-2024-27593

Vulnerability

Overview

CVE-2024-27593 is a stored cross-site scripting (XSS) vulnerability in Eramba version 3.22.3 Community Edition. The flaw resides in the custom filter function, where the filter name field does not properly sanitize user input. An authenticated attacker can inject malicious JavaScript code into the filter name, such as 1337"'>, which is then stored and executed when another user edits the filter via the "Manage Filter" button. [1]

Exploitation

To exploit this vulnerability, an attacker must be an authenticated user of the Eramba application. The attack is carried out by creating a new filter (either private or public) and inserting a crafted XSS payload into the name field. If the filter is made public, it becomes visible to all users. The attacker sends a POST request to the filter creation endpoint, which triggers the stored payload. When the victim (another user) edits the filter by clicking the "Manage Filter" button, the malicious JavaScript code executes in their browser. No special network position is required beyond normal access to the application. [1]

Impact

Successful exploitation allows the attacker to execute arbitrary web scripts or HTML in the context of the victim's session. This can lead to session hijacking, data exfiltration, or further malicious actions within the Eramba application's interface. The CVSS v4.0 base score is 5.1 (Medium), with low impact to confidentiality and integrity, but with no impact to availability. [1]

Mitigation

The vendor has addressed this vulnerability in Eramba version 3.23.0. Users of version 3.22.3 Community Edition are advised to upgrade to the latest patched release to eliminate the XSS risk. No workarounds have been provided. [1]