CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence: High
EPSS Percentile: 23.6%
label_studio is vulnerable to cross-site scripting (XSS). The import data feature can fetch a file from a remote web resource; a fetched HTML/JavaScript file is neither sanitized nor validated and is afterwards served from the Label Studio origin. An attacker can exploit this by having the instance import an attacker-controlled HTML file which, when a user opens it, executes malicious JavaScript in the context of the Label Studio website.
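The pattern behind this class of bug, shown as an added example in plain Python (this is not Label Studio's code and does not reproduce the linked commit): a stored file is served back with a Content-Type guessed from its extension and no download or sandbox headers, so an imported `.html` file renders as a page on the application's own origin. The hardened variant serves the same bytes as an attachment with `X-Content-Type-Options: nosniff` and the CSP `sandbox` directive documented in the MDN reference below. The file name, file bytes, and the `renders_as_script_in_app_origin` browser model are constructed for the example; treating `sandbox` as the chosen mitigation is an assumption.

```python
"""Added example (not Label Studio's code): serving an imported file inline
versus hardened so that browser-rendered HTML cannot run in the app origin."""
import mimetypes
import re
from pathlib import PurePosixPath

# Constructed sample: a file the import feature could have fetched from a
# remote URL. Nothing here is taken from a real project or real incident.
IMPORTED_NAME = "report.html"
IMPORTED_BYTES = b"<html><body><script>fetch('/api/me')</script></body></html>"

# Content types a browser will render and that may carry script.
ACTIVE_TYPES = {
    "text/html", "application/xhtml+xml", "image/svg+xml",
    "text/xml", "application/xml",
}


def _safe_filename(name):
    """Keep only the basename and a conservative character set, so a crafted
    name cannot break out of the quoted Content-Disposition parameter."""
    base = PurePosixPath(name).name or "download"
    return re.sub(r"[^A-Za-z0-9._-]", "_", base)


def vulnerable_response(name, data):
    """Serve the stored file as-is: the Content-Type is guessed from the
    extension and nothing stops the browser from rendering it inline."""
    ctype, _ = mimetypes.guess_type(name)
    return {"Content-Type": ctype or "application/octet-stream"}, data


def hardened_response(name, data):
    """Serve the same bytes as an opaque download inside a sandboxed origin.
    Assumption: the CSP `sandbox` directive is the chosen mitigation."""
    ctype, _ = mimetypes.guess_type(name)
    if ctype is None or ctype in ACTIVE_TYPES:
        ctype = "application/octet-stream"   # never advertise active content
    headers = {
        "Content-Type": ctype,
        "Content-Disposition": f'attachment; filename="{_safe_filename(name)}"',
        "X-Content-Type-Options": "nosniff",  # no sniffing back to text/html
        "Content-Security-Policy": "sandbox",  # opaque origin, no script
    }
    return headers, data


def renders_as_script_in_app_origin(headers):
    """Rough model of browser behaviour (constructed for the example): active
    content served inline and unsandboxed runs with the serving site's origin."""
    ctype = headers.get("Content-Type", "").split(";")[0].strip().lower()
    inline = not headers.get("Content-Disposition", "").lower().startswith("attachment")
    sandboxed = "sandbox" in headers.get("Content-Security-Policy", "").lower()
    return ctype in ACTIVE_TYPES and inline and not sandboxed


if __name__ == "__main__":
    for build in (vulnerable_response, hardened_response):
        hdrs, _ = build(IMPORTED_NAME, IMPORTED_BYTES)
        print(build.__name__, "-> XSS in app origin:",
              renders_as_script_in_app_origin(hdrs))
```

The check in `renders_as_script_in_app_origin` is the review question to ask of any endpoint that echoes user-supplied or remotely fetched files: is the type active, is it served inline, and is there anything that detaches it from the application's origin. Forcing `application/octet-stream` alone is not enough without `nosniff`, and `attachment` alone does not help a user who saves and reopens the file, which is why the sandbox directive is layered on top.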
developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox
github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/api.py#L595C1-L616C62
github.com/HumanSignal/label-studio/blob/1.9.2.post0/label_studio/data_import/uploader.py#L125C5-L146
github.com/HumanSignal/label-studio/commit/1a2025037ad6319b71d0c795fce62ae3ea0144be
github.com/HumanSignal/label-studio/security/advisories/GHSA-fq23-g58m-799r