{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-47783","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2025-05-09T19:49:35.621Z","datePublished":"2025-05-14T23:01:17.213Z","dateUpdated":"2025-05-15T15:32:26.174Z"},"containers":{"cna":{"title":"label-studio vulnerable to Cross-Site Scripting (Reflected) via the label_config parameter.","problemTypes":[{"descriptions":[{"cweId":"CWE-79","lang":"en","description":"CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","type":"CWE"}]}],"metrics":[{"cvssV4_0":{"attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","baseScore":7.6,"baseSeverity":"HIGH","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N","version":"4.0"}}],"references":[{"name":"https://github.com/HumanSignal/label-studio/security/advisories/GHSA-8jhr-wpcm-hh4h","tags":["x_refsource_CONFIRM"],"url":"https://github.com/HumanSignal/label-studio/security/advisories/GHSA-8jhr-wpcm-hh4h"}],"affected":[{"vendor":"HumanSignal","product":"label-studio","versions":[{"version":"< 1.18.0","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2025-05-14T23:01:17.213Z"},"descriptions":[{"lang":"en","value":"Label Studio is a multi-type data labeling and annotation tool. A vulnerability in versions prior to 1.18.0 allows an attacker to inject a malicious script into the context of a web page, which can lead to data theft, session hijacking, unauthorized actions on behalf of the user, and other attacks. 
The vulnerability can be triggered by sending a crafted request to the `POST /projects/upload-example/` endpoint. In the source code, the affected handler is in `label_studio/projects/views.py`. Version 1.18.0 contains a patch for the issue."}],"source":{"advisory":"GHSA-8jhr-wpcm-hh4h","discovery":"UNKNOWN"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-05-15T15:30:36.464279Z","id":"CVE-2025-47783","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-15T15:32:26.174Z"}}]}}