Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-43776

Backstage is an open platform for building developer portals. In affected versions the auth-backend plugin allows a malicious actor to trick another user into visiting a vulnerable URL that executes an XSS attack. This attack can potentially allow the attacker to exfiltrate access tokens or other secrets from the user's browser. The default CSP does prevent this attack, but it is expected that some deployments have these policies disabled due to incompatibilities. This is vulnerability is patched in version `0.4.9` of `@backstage/plugin-auth-backend`.

Published

2021-11-26T19:15:07.843

Last Modified

2024-11-21T06:29:45.807

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.4 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	linuxfoundation	auth_backend	< 0.4.9	Yes

References

https://github.com/backstage/backstage/security/advisories/GHSA-w7fj-336r-vw49 Third Party Advisory ([email protected])
https://github.com/backstage/backstage/tree/master/plugins/auth-backend Product, Third Party Advisory ([email protected])
https://github.com/backstage/backstage/security/advisories/GHSA-w7fj-336r-vw49 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/backstage/backstage/tree/master/plugins/auth-backend Product, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)