{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-30959","assignerOrgId":"bbcbe11d-db20-4bc2-8a6e-c79f87041fd4","state":"PUBLISHED","assignerShortName":"Palantir","dateReserved":"2023-04-21T11:25:51.028Z","datePublished":"2023-09-26T17:56:20.817Z","dateUpdated":"2024-09-24T13:47:53.632Z"},"containers":{"cna":{"providerMetadata":{"orgId":"bbcbe11d-db20-4bc2-8a6e-c79f87041fd4","shortName":"Palantir","dateUpdated":"2023-09-26T17:56:20.817Z"},"title":"Stored XSS via javascript URI in Apollo Change Requests comment","affected":[{"vendor":"Palantir","product":"com.palantir.apollo:autopilot","versions":[{"version":"*","versionType":"semver","lessThan":"3.308.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"In Apollo  change requests, comments added by users could contain a javascript URI link that when rendered will result in an XSS that require user interaction."}],"impacts":[{"capecId":"CAPEC-63","descriptions":[{"lang":"en","value":"An adversary embeds malicious scripts in content that will be served to web browsers. The goal of the attack is for the target software, the client-side browser, to execute the script with the users' privilege level. An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute code and scripts. Web browsers, for example, have some simple security controls in place, but if a remote attacker is allowed to execute scripts (through injecting them in to user-generated content like bulletin boards) then these controls may be bypassed. Further, these attacks are very difficult for an end user to detect."}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-84","description":"The web application improperly neutralizes user-controlled input for executable script disguised with URI encodings.","lang":"en","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N","baseSeverity":"MEDIUM","baseScore":4.1},"format":"CVSS"}],"references":[{"url":"https://palantir.safebase.us/?tcuUid=4c257f07-58af-4532-892a-bdbe8ab3ec63"}],"source":{"discovery":"INTERNAL","defect":["PLTRSEC-2023-33"]}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T14:45:24.249Z"},"title":"CVE Program Container","references":[{"url":"https://palantir.safebase.us/?tcuUid=4c257f07-58af-4532-892a-bdbe8ab3ec63","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-09-24T13:24:39.959694Z","id":"CVE-2023-30959","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-24T13:47:53.632Z"}}]}}