CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47826 – eLabFTW vulnerable to HTML Injection in extended search error message
https://notcve.org/view.php?id=CVE-2024-47826
eLabFTW is an open source electronic lab notebook for research labs. A vulnerability in versions prior to 5.1.5 allows an attacker to inject arbitrary HTML tags in the pages: "experiments.php" (show mode), "database.php" (show mode) or "search.php". It works by providing HTML code in the extended search string, which will then be displayed back to the user in the error message. This means that injected HTML will appear in a red "alert/danger" box, and be part of an error message. Due to some other security measures, it is not possible to execute arbitrary javascript from this attack. • https://github.com/elabftw/elabftw/security/advisories/GHSA-cjww-pr9f-4c4w https://www.acunetix.com/vulnerabilities/web/html-injection • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28100 – Stored Cross-site Scripting leading to arbitrary actions taken on behalf of users in elabftw
https://notcve.org/view.php?id=CVE-2024-28100
eLabFTW is an open source electronic lab notebook for research labs. By uploading specially crafted files, a regular user can create a circumstance where a visitor's browser runs arbitrary JavaScript code in the context of the eLabFTW application. This can be triggered by the visitor viewing a list of experiments. Viewing this allows the malicious script to act on behalf of the visitor in any way, including the creation of API keys for persistence, or other options normally available to the user. If the user viewing the page has the sysadmin role in eLabFTW, the script can act as a sysadmin (including system configuration and extensive user management roles). • https://github.com/elabftw/elabftw/security/advisories/GHSA-xp3v-w8cx-cqxc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31178 – Improper Authorization in eLabFTW
https://notcve.org/view.php?id=CVE-2022-31178
eLabFTW is an electronic lab notebook manager for research teams. A vulnerability was discovered which allows a logged in user to read a template without being authorized to do so. This vulnerability has been patched in 4.3.4. Users are advised to upgrade. There are no known workarounds for this issue. eLabFTW es un gestor de cuadernos de laboratorio electrónicos para equipos de investigación. • https://github.com/elabftw/elabftw/security/advisories/GHSA-63qq-hw97-8q7x • CWE-863: Incorrect Authorization •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-31007 – Privilege escalation from administrator in eLabFTW
https://notcve.org/view.php?id=CVE-2022-31007
eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or create a new system administrator account. The issue has been corrected in eLabFTW version 4.3.0. In the context of eLabFTW, an administrator is a user account with certain privileges to manage users and content in their assigned team/teams. A system administrator account can manage all accounts, teams and edit system-wide settings within the application. • https://github.com/gregscharf/CVE-2022-31007-Python-POC https://github.com/elabftw/elabftw/releases/tag/4.3.0 https://github.com/elabftw/elabftw/security/advisories/GHSA-937c-m7p3-775v • CWE-842: Placement of User into Incorrect Group CWE-1287: Improper Validation of Specified Type of Input •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43834 – Incorrect Authentication in elabftw
https://notcve.org/view.php?id=CVE-2021-43834
eLabFTW is an electronic lab notebook manager for research teams. In versions prior to 4.2.0 there is a vulnerability which allows an attacker to authenticate as an existing user, if that user was created using a single sign-on authentication option such as LDAP or SAML. It impacts instances where LDAP or SAML is used for authentication instead of the (default) local password mechanism. Users should upgrade to at least version 4.2.0. eLabFTW es un administrador de cuadernos de laboratorio electrónicos para equipos de investigación. En versiones anteriores a 4.2.0, se presenta una vulnerabilidad que permite a un atacante autenticarse como un usuario existente, si ese usuario fue creado usando una opción de autenticación de inicio de sesión único como LDAP o SAML. • https://github.com/elabftw/elabftw/releases/tag/4.2.0 https://github.com/elabftw/elabftw/security/advisories/GHSA-98rp-gx76-33ph • CWE-287: Improper Authentication •