CVE-2024-29882: SRS DOM - XSS on JSONP callback

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-29882

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

SRS DOM - XSS on JSONP callback

Source: NVD (National Vulnerability Database)

Vulnerability Description

SRS is a simple, high-efficiency, real-time video server. SRS's `/api/v1/vhosts/vid-<id>?callback=<payload>` endpoint didn't filter the callback function name which led to injecting malicious javascript payloads and executing XSS ( Cross-Site Scripting). This vulnerability is fixed in 5.0.210 and 6.0.121.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Source: NVD (National Vulnerability Database)

Vulnerability Title

SRS 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

SRS是SRS开源的一款简单、高效、实时的视频服务器。 SRS 6.0.121之前版本存在安全漏洞。攻击者利用该漏洞执行跨站脚本攻击。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
ossrs	srs	< 5.0.210	-

II. Public POCs for CVE-2024-29882

#	POC Description	Source Link	Shenlong Link
1	SRS is a simple, high-efficiency, real-time video server. SRS's `/api/v1/vhosts/vid-<id>?callback=<payload>` endpoint didn't filter the callback function name which led to injecting malicious javascript payloads and executing XSS ( Cross-Site Scripting). This vulnerability is fixed in 5.0.210 and 6.0.121.	https://github.com/projectdiscovery/nuclei-templates/blob/main/headless/cves/2024/CVE-2024-29882.yaml	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-29882

Please Login to view more intelligence information

https://github.com/ossrs/srs/security/advisories/GHSA-gv9r-qcjc-5hj7x_refsource_CONFIRM
https://github.com/ossrs/srs/commit/244ce7bc013a0b805274a65132a2980680ba6b9dx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2024-29882

New Vulnerabilities

Product: srs

CVE-2023-34105
SRS has command injection vulnerability in demonstration api

Vendor: ossrs

CVE-2023-34105
SRS has command injection vulnerability in demonstration api

Same weakness: CWE-79

V. Comments for CVE-2024-29882

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2024-29882

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-29882

III. Intelligence Information for CVE-2024-29882

New Vulnerabilities

V. Comments for CVE-2024-29882

Leave a comment