CVE-2023-3971

HIGH

Ansible Automation Controller - HTML Injection in User Interface Settings

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-3971. PoCs published by ashangp923.

AI-analyzed exploit summary This repository contains a functional HTML injection PoC for CVE-2023-3971, demonstrating how user input (username) is directly echoed without sanitization, leading to potential XSS vulnerabilities. The code includes a login form that reflects the username input in the search result section.

Description

An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise.

Exploits (1)

nomisec WORKING POC
by ashangp923 · poc
https://github.com/ashangp923/CVE-2023-3971

This repository contains a functional HTML injection PoC for CVE-2023-3971, demonstrating how user input (username) is directly echoed without sanitization, leading to potential XSS vulnerabilities. The code includes a login form that reflects the username input in the search result section.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Red Hat login page (version unspecified)
No auth needed
Prerequisites: User interaction required to submit the form
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2023:4340
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2023:4590
Vendor Advisory vdb-entry x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2023-3971
Issue Tracking, Vendor Advisory issue-tracking x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2226965

Scores

CVSS v3 7.3
EPSS 0.0067
EPSS Percentile 47.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-79 CWE-80
Status published
Products (6)
redhat/ansible_automation_controller 4.4
redhat/ansible_automation_controller < 4.3.11
redhat/ansible_automation_platform 2.3
redhat/ansible_automation_platform 2.4
redhat/ansible_developer 1.0
redhat/ansible_inside 1.1
Published Oct 04, 2023
Tracked Since Feb 18, 2026