PT-2022-15042 · Unknown · Onionshare

Micahflee

Published

2022-01-18

Updated

2024-06-15

CVE-2022-21690

CVSS v3.1

8.7

High

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions OnionShare versions 2.4 and earlier

Description The path parameter of the requested URL is not sanitized before being passed to the QT frontend, leading to a rendered HTML4 Subset in the Onionshare frontend. This issue affects the display of server access history in all components. An adversary with knowledge of the Onion service address can render arbitrary HTML in the server desktop application, requiring the desktop application with rendered history. The impact is elevated.

Recommendations For OnionShare version 2.4 and earlier: Manually define the text format of the QLabel via setTextFormat(). At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2022-21690

GHSA-CH22-X2V3-V6VQ

OPENSUSE-SU-2024:11983-1

OPENSUSE-SU-2024:13635-1

PYSEC-2022-41

Affected Products

Onionshare

PT-2022-15042 · Unknown · Onionshare

CVE-2022-21690

Weakness Enumeration

Related Identifiers

Affected Products

References · 29