PT-2021-19845 · Unknown+1 · Datasette-Auth-Passwords+1

Simonw

Published

2021-06-07

Updated

2021-06-14

CVE-2021-32670

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Datasette versions prior to 0.56.1 Datasette versions prior to 0.57

Description The ? trace=1 debugging feature in Datasette does not correctly escape generated HTML, resulting in a reflected cross-site scripting issue. This is particularly relevant if the Datasette installation includes authenticated features using plugins such as datasette-auth-passwords, as an attacker could use the issue to access protected data.

Recommendations For versions prior to 0.56.1, update to version 0.56.1 or later to resolve the issue. For versions prior to 0.57, update to version 0.57 or later to resolve the issue. As a temporary workaround, consider rejecting any incoming requests with ? trace= or & trace= in their query string parameters if you run Datasette behind a proxy.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2021-32670

GHSA-GFF3-739C-GXFQ

GHSA-XW7C-JX9M-XH5G

PYSEC-2021-89

Affected Products

Datasette

Datasette-Auth-Passwords

PT-2021-19845 · Unknown+1 · Datasette-Auth-Passwords+1

CVE-2021-32670

Weakness Enumeration

Related Identifiers

Affected Products

References · 14