Cross-site Scripting for Argo CD single sign on users

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the `/auth/callback` page in a victim's browser. This vulnerability only affects Argo CD instances which have single sign on (SSO) enabled. The exploit also assumes the attacker has 1) access to the API server's encryption key, 2) a method to add a cookie to the victim's browser, and 3) the ability to convince the victim to visit a malicious `/auth/callback` link. The vulnerability is classified as low severity because access to the API server's encryption key already grants a high level of access. Exploiting the XSS would allow the attacker to impersonate the victim, but would not grant any privileges which the attacker could not otherwise gain using the encryption key. A patch for this vulnerability has been released in the following Argo CD versions 2.4.5 and 2.3.6. There is currently no known workaround.

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:N

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

ArgoCD 跨站脚本漏洞

Argo是一款开源的容器本机工作流引擎。ArgoCD是一个应用软件。用于Kubernetes的声明性GitOps连续交付工具。它持续监控正在运行的应用程序并将当前的实时状态与所需的目标状态（例如 Git 仓库中的配置）进行比较，在 Git 仓库更改时自动同步和部署应用程序。 Argo CD 2.3.0到 2.3.6 版本和 2.4.5之前版本存在跨站脚本漏洞，该漏洞源于允许攻击者在受害者的“/auth/callback”页面中注入任意 JavaScript。

N/A

N/A