CVE-2024-28246

Published: Mar 25, 2024

Modified: Aug 2, 2024

PUBLISHED

CVSS v3.1

5.5

MEDIUM

Description

KaTeX is a JavaScript library for TeX math rendering on the web. Code that uses KaTeX's `trust` option, specifically that provides a function to blacklist certain URL protocols, can be fooled by URLs in malicious inputs that use uppercase characters in the protocol. In particular, this can allow for malicious input to generate `javascript:` links in the output, even if the `trust` function tries to forbid this protocol via `trust: (context) => context.protocol !== 'javascript'`. Upgrade to KaTeX v0.16.10 to remove this vulnerability.

Vendor	Product	Versions
KaTeX	KaTeX	affected `>= 0.11.0, < 0.16.10`

Weaknesses (CWE)

CWE-184

CWE-697

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

References

https://github.com/KaTeX/KaTeX/security/advisories/GHSA-3wc5-fcw2-2329

x_refsource_CONFIRM

https://github.com/KaTeX/KaTeX/commit/fc5af64183a3ceb9be9d1c23a275999a728593de

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-28246

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References