{ "threat_severity" : "Moderate", "public_date" : "2024-07-29T16:24:00Z", "bugzilla" : { "description" : "python-twisted: Reflected XSS via HTML Injection in Redirect Response", "id" : "2300497", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2300497" }, "cvss3" : { "cvss3_base_score" : "4.2", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "status" : "verified" }, "cwe" : "CWE-79", "details" : [ "Twisted is an event-based framework for internet applications, supporting Python 3.6+. The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflected Cross-Site Scripting (XSS) in the redirect response HTML body. This vulnerability is fixed in 24.7.0rc1.", "A Cross-site scripting (XSS) vulnerability exists in Python-Twisted in the twisted.web.util.redirectTo function. This flaw allows an attacker to control the redirect URL, leading to reflected XSS in the HTML body of the redirect response. If exploited, a remote attacker could inject malicious HTML, causing unauthorized JavaScript execution within the victim's browser session. This issue can result in unauthorized access to the victim’s account and data or allow the attacker to perform operations on behalf of the victim." ], "statement" : "The vulnerability is exploitable only in Firefox. All other tested browsers will display an error message to the user and will not render the HTML body.", "affected_release" : [ { "product_name" : "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "release_date" : "2024-09-27T00:00:00Z", "advisory" : "RHSA-2024:7312", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.4::el8", "package" : "automation-controller-0:4.5.12-1.el8ap" }, { "product_name" : "Red Hat Ansible Automation Platform 2.4 for RHEL 9", "release_date" : "2024-09-27T00:00:00Z", "advisory" : "RHSA-2024:7312", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.4::el9", "package" : "automation-controller-0:4.5.12-1.el9ap" } ], "package_state" : [ { "product_name" : "Red Hat Ansible Automation Platform 1.2", "fix_state" : "Will not fix", "package_name" : "ansible-tower", "cpe" : "cpe:/a:redhat:ansible_automation_platform" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "python3x-twisted", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "python-twisted", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "python-twisted", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "python-twisted-web", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "python-twisted-web", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat OpenStack Platform 16.1", "fix_state" : "Out of support scope", "package_name" : "python-twisted", "cpe" : "cpe:/a:redhat:openstack:16.1" }, { "product_name" : "Red Hat OpenStack Platform 16.2", "fix_state" : "Will not fix", "package_name" : "python-twisted", "cpe" : "cpe:/a:redhat:openstack:16.2" }, { "product_name" : "Red Hat Storage 3", "fix_state" : "Out of support scope", "package_name" : "python-carbon", "cpe" : "cpe:/a:redhat:storage:3" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-41810\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-41810\nhttps://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33\nhttps://github.com/twisted/twisted/security/advisories/GHSA-cf56-g6w6-pqq2" ], "name" : "CVE-2024-41810", "csaw" : false }