CVE-2024-37304
MEDIUMNuGetGallery < 2024.05.28 - Cross-Site Scripting via Markdown Autolink Handling
Title source: llmDescription
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight allows attackers to exploit autolinks as a vector for Cross-Site Scripting (XSS) attacks. When a user inputs a Markdown autolink such as `<javascript:alert(1)>`, the link is rendered without proper sanitization. This means that the JavaScript code within the autolink can be executed by the browser, leading to an XSS attack. Version 2024.05.28 contains a patch for this issue.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://github.com/NuGet/NuGetGallery/security/advisories/GHSA-gwjh-c548-f787
Issue Tracking x_refsource_misc
https://github.com/NuGet/NuGetGallery/pull/9836
Scores
CVSS v3
6.1
EPSS
0.0066
EPSS Percentile
47.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-79
Status
published
Products (1)
microsoft/nugetgallery
< 2024.05.28
Published
Jun 12, 2024
Tracked Since
Feb 18, 2026