PT-2023-30517 · Scrypted · Scrypted

Kevin Stubbings +1

Published 2023-12-13 · Updated 2024-08-05

CVE-2023-47620

CVSS v3.1: 6.1 Medium

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Scrypted versions 0.55.0 and prior

Description: A reflected cross-site scripting vulnerability exists in the plugin-http.ts file via the owner and pkg parameters, allowing an attacker to run arbitrary JavaScript code. This issue may lead to remote code execution. Two reflected cross-site scripting (XSS) vulnerabilities exist in Scrypted that may allow an attacker to impersonate any user who clicks a specially crafted link. In the worst case, an attacker may be able to impersonate an administrator and run arbitrary commands.

Recommendations: To remediate, ensure that request parameters are not reflected back in the response. In addition, on error responses where HTML is unnecessary, set the Content-Type to text/plain to prevent XSS. Ensure user-controlled data is not placed into the DOM. Additionally, validate the redirect URI parameter to prevent open redirect vulnerabilities. As a temporary workaround, consider restricting access to the vulnerable plugin-http.ts file and the Login.vue page until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
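The two remediations above, a fixed text/plain error body that does not echo the owner and pkg parameters and a validated post-login redirect target, as an added example; this is not Scrypted's own code, and the function names and the placeholder origin are assumptions.

```typescript
export interface HttpResponse {
  status: number;
  headers: Record<string, string>;
  body: string;
}

// Error response for a plugin lookup that failed. The body is a fixed string
// that never reflects the owner/pkg query parameters, and it is served as
// text/plain with nosniff so the browser will not interpret it as HTML.
export function pluginNotFoundResponse(owner: string, pkg: string): HttpResponse {
  // Record the rejected values server-side only; they never reach a browser.
  console.error(`plugin lookup failed: owner=${JSON.stringify(owner)} pkg=${JSON.stringify(pkg)}`);
  return {
    status: 404,
    headers: {
      'Content-Type': 'text/plain; charset=utf-8',
      'X-Content-Type-Options': 'nosniff',
    },
    body: 'Plugin not found.',
  };
}

// Validate a redirect target such as a post-login redirect_uri: accept only a
// local path (exactly one leading slash, no scheme, no protocol-relative
// "//host" or "/\host" form) and otherwise fall back to the application root.
export function safeRedirectTarget(redirectUri: string | undefined, fallback = '/'): string {
  if (!redirectUri) return fallback;
  // Must start with a single "/" that is not followed by "/" or "\".
  if (!/^\/(?![\/\\])/.test(redirectUri)) return fallback;
  // Parse against a placeholder origin (assumption: any dummy origin works);
  // a genuine relative path keeps that origin, an absolute URL would change it.
  const base = 'https://placeholder.invalid';
  let url: URL;
  try {
    url = new URL(redirectUri, base);
  } catch {
    return fallback;
  }
  if (url.origin !== base) return fallback;
  return url.pathname + url.search + url.hash;
}
```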

Exploit

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-47620
GHSA-W4HV-VMV9-HGCR
GHSA-XMHH-XRCC-MX36

Affected Products

Scrypted