CVERadar

CVE-2024-45801

Medium Severity
SVRS: 30/100
CVSSv3: NA/10
EPSS: 0.00044/1

CVE-2024-45801 affects DOMPurify, a widely used XSS sanitizer, and allows attackers to bypass its defenses with specially crafted HTML. The flaw lies in DOMPurify's depth checking, combined with potential prototype pollution, and it renders the sanitizer ineffective against malicious code injection, permitting cross-site scripting (XSS). Despite a CVSS score of 0, which indicates a low immediate impact based solely on the vulnerability's characteristics, the SVRS of 30 suggests a moderate level of concern based on risk visibility. While not critical, the potential for exploitation exists, and the 'In The Wild' tag indicates observed malicious activity. Upgrading to DOMPurify version 2.5.4 or 3.1.3 is strongly advised, as no workarounds exist. The significance of this vulnerability lies in its ability to compromise web applications that rely on DOMPurify to sanitize user-supplied HTML, potentially leading to data theft or unauthorized actions.

In The Wild
2024-09-16

2024-09-20
SOCRadar AI Insight

Description

CVE-2024-45801 is a critical vulnerability in DOMPurify, a popular HTML sanitizer used to prevent cross-site scripting (XSS) attacks. It allows malicious HTML to bypass DOMPurify's depth checking, and the sanitizer is also exposed to prototype pollution, rendering it ineffective at preventing XSS attacks.

Key Insights

  • Severity: The SVRS of 30 indicates a moderate severity, highlighting the urgency of addressing this vulnerability.
  • Active Exploitation: This vulnerability is actively exploited in the wild, posing an immediate threat to organizations using DOMPurify.
  • CISA Warning: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about this vulnerability, urging organizations to take immediate action.
  • No Workarounds: There are no known workarounds for this vulnerability, making it essential to upgrade to the latest version of DOMPurify.

Mitigation Strategies

  • Upgrade DOMPurify: Update to DOMPurify version 2.5.4 or 3.1.3 to address this vulnerability.
  • Implement Input Validation: Implement robust input validation mechanisms to prevent malicious HTML from reaching DOMPurify.
  • Use a Web Application Firewall (WAF): Deploy a WAF to block malicious requests that attempt to exploit this vulnerability.
  • Monitor for Suspicious Activity: Monitor logs and security alerts for any suspicious activity that may indicate an exploitation attempt.
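The upgrade advice above is only actionable once every installed copy of DOMPurify has been found, including copies nested under other dependencies. The following is an added example (not CVE Radar's or DOMPurify's own code) that audits an npm lockfile against the fixed releases named above, 2.5.4 and 3.1.3; the sample lockfile is constructed, and treating 4.x and later as patched is an assumption.

```javascript
// Added example: flag DOMPurify copies in a package-lock.json that predate the
// fixed releases named in the advisory (2.5.4 for the 2.x line, 3.1.3 for 3.x).
const FIXED = { 2: [2, 5, 4], 3: [3, 1, 3] }; // first patched release per branch

function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(v);
  if (!m) throw new Error(`unparseable version: ${v}`);
  return [Number(m[1]), Number(m[2]), Number(m[3])];
}

function lessThan(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i];
  }
  return false;
}

// True when the installed version falls inside the affected range.
// 3.x is fixed from 3.1.3; anything below the 3.x line is fixed from 2.5.4.
function isAffectedDompurify(version) {
  const v = parseVersion(version);
  if (v[0] >= 4) return false; // assumption: later majors carry the fix
  const fixed = v[0] === 3 ? FIXED[3] : FIXED[2];
  return lessThan(v, fixed);
}

// Walk an npm lockfile (lockfileVersion 2/3 "packages" map) and report every
// dompurify entry, including copies nested under other dependencies.
function auditLockfile(lock) {
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (!/(^|\/)node_modules\/dompurify$/.test(path)) continue;
    findings.push({ path, version: meta.version, affected: isAffectedDompurify(meta.version) });
  }
  return findings;
}

// Constructed sample lockfile for demonstration; not taken from a real project.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/dompurify": { version: "3.1.2" },
    "node_modules/legacy-editor": { version: "0.9.0" },
    "node_modules/legacy-editor/node_modules/dompurify": { version: "2.5.4" },
    "node_modules/isomorphic-dompurify": { version: "2.9.0" },
  },
};
```

Running auditLockfile(SAMPLE_LOCK) reports the top-level 3.1.2 copy as affected and the nested 2.5.4 copy as patched, while ignoring the unrelated isomorphic-dompurify package.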

Additional Information

If you have any further questions regarding this incident, you can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-45801 | cure53 DOMPurify up to 2.5.3/3.1.2 Nesting redos (GHSA-mmhx-hmjr-r674 / Nessus ID 212033)
vuldb.com, 2024-12-04
A vulnerability was found in cure53 DOMPurify up to 2.5.3/3.1.2. It has been declared as critical. This vulnerability affects unknown code of the component Nesting Handler. The manipulation leads to inefficient regular expression complexity. This vulnerability was named CVE-2024-45801. The attack can be

High severity RCE flaws among several newly addressed IBM bugs - SC Media
google.com, 2024-11-29
News Content: November 29, 2024. Fixes have been released by IBM to address numerous product vulnerabilities, the most serious of which are a pair of high-severity remote code execution bugs in its Data Visualization Manager and Security SOAR offerings, reports SecurityWeek. Attackers could exploit the Data Virtualization Manager for z/OS flaw, tracked as CVE-2024-52899, to facilitate malicious JDBC URL parameter injections and run arbitrary code, while the Security SOAR prototype pollution issue, tracked as CVE-2024-45801, could be leveraged to trigger arbitrary code

Social Media

Hello friends, anyone have a working POC for CVE-2024-45801? - DOM Purifier <2.5.4 bypass - #bugbounty

CVE-2024-45801 (CVSS:7.3, HIGH) is Received. DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It has been discovered that m.. https://t.co/ZN3iKekx3A #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

CVE-2024-45801 XSS Vulnerability Bypasses in DOMPurify Fixed in Recent Updates DOMPurify is a quick and tolerant XSS sanitizer for HTML, MathML, and SVG, designed to work only with the DOM. A problem was found wh... https://t.co/PKrlFS9lPJ

CVE-2024-45801 DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It has been discovered that malicious HTML using special nesting techniques… https://t.co/38AxCvhHdz

Affected Software

No affected software found for this CVE

References

Source: SECURITY-ADVISORIES@GITHUB.COM
  https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21
  https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc
  https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674

CWE Details

CWE ID: CWE-1333
CWE Name: Inefficient Regular Expression Complexity
Description: The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles.
