Skip to main content

CVE-2024-2435

MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2024-04-02 security@temporal.io
4.3
CVSS 3.1 · Vendor: temporal
Share

Severity by source

Vendor (temporal) PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L

Primary rating from Vendor (temporal) · only source for this CVE.

CVSS VectorVendor: temporal

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

1
CVE Published
Apr 02, 2024 - 17:15 cve.org
MEDIUM 4.3

DescriptionCVE.org

For an attacker with pre-existing access to send a signal to a workflow, the attacker can make the signal name a script that executes when a victim views that signal. The XSS is in the timeline page displaying the workflow execution details of the workflow that was sent the crafted signal. Access to send a signal to a workflow is determined by how you configured the authorizer on your server. This includes any entity with permission to directly call SignalWorkflowExecution or SignalWithStartWorkflowExecution, or any entity can deploy a worker that has access to call workflow progress APIs (specifically RespondWorkflowTaskCompleted).

AnalysisAI

For an attacker with pre-existing access to send a signal to a workflow, the attacker can make the signal name a script that executes when a victim views that signal. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. For an attacker with pre-existing access to send a signal to a workflow, the attacker can make the signal name a script that executes when a victim views that signal. The XSS is in the timeline page displaying the workflow execution details of the workflow that was sent the crafted signal. Access to send a signal to a workflow is determined by how you configured the authorizer on your server. This includes any entity with permission to directly call SignalWorkflowExecution or SignalWithStartWorkflowExecution, or any entity can deploy a worker that has access to call workflow progress APIs (specifically RespondWorkflowTaskCompleted).

Affected ProductsAI

See vendor advisory for affected versions.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.

Share

CVE-2024-2435 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy