CVE-2023-28109

Published: Mar 16, 2023Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Play With Docker is a browser-based Docker playground. Versions 0.0.2 and prior are vulnerable to domain hijacking. Because CORS configuration was not correct, an attacker could use `play-with-docker.com` as an example and set the origin header in an http request as `evil-play-with-docker.com`. The domain would echo in response header, which successfully bypassed the CORS policy and retrieved basic user information. This issue has been fixed in commit ed82247c9ab7990ad76ec2bf1498c2b2830b6f1a. There are no known workarounds.

Affected (2)

Products: Play With Docker: Play With Docker

Play With Docker

1 product

Play With Docker

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Play With Docker Play With Docker	Version 0.0.1
Play With Docker Play With Docker	Version 0.0.2

Related CWEs

Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

References (4)

https://github.com/play-with-docker/play-with-docker/commit/ed82247c9ab7990ad76ec2bf1498c2b2830b6f1a

Source: security-advisories@github.com

Patch

https://github.com/play-with-docker/play-with-docker/security/advisories/GHSA-vq59-5x26-h639

Source: security-advisories@github.com

Vendor Advisory

https://github.com/play-with-docker/play-with-docker/commit/ed82247c9ab7990ad76ec2bf1498c2b2830b6f1a

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://github.com/play-with-docker/play-with-docker/security/advisories/GHSA-vq59-5x26-h639

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.