Absinthe Plug
Monthly
Reflected cross-site scripting (XSS) in absinthe_plug GraphiQL interface allows unauthenticated attackers to execute arbitrary JavaScript in victims' browsers via the query GET parameter. The vulnerability exploits incomplete input escaping in the js_escape/1 function, which fails to escape backslashes before embedding user-controlled query strings into inline JavaScript. An attacker can bypass existing single-quote and newline escaping by prefixing a quote with a backslash (e.g., \'), breaking out of the string context. Vendor-released patch available (version 1.10.2 and later); exploitation requires user interaction (clicking a malicious link).
Reflected cross-site scripting (XSS) in absinthe_plug GraphiQL interface allows unauthenticated attackers to execute arbitrary JavaScript in victims' browsers via the query GET parameter. The vulnerability exploits incomplete input escaping in the js_escape/1 function, which fails to escape backslashes before embedding user-controlled query strings into inline JavaScript. An attacker can bypass existing single-quote and newline escaping by prefixing a quote with a backslash (e.g., \'), breaking out of the string context. Vendor-released patch available (version 1.10.2 and later); exploitation requires user interaction (clicking a malicious link).