An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI handler for…
mitre·CWE-116·Published 2021-12-14
An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI handler for uipath-assistant:// is not correctly encoded, resulting in attacker-controlled content being injected into the error message displayed (when the injected content does not match an existing process). A determined attacker could leverage this to execute JavaScript in the context of the Electron application.
An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI handler for uipath-assistant:// is not correctly encoded, resulting in attacker-controlled content being injected into the error message displayed (when the injected content does not match an existing process). A determined attacker could leverage this to execute JavaScript in the context of the Electron application.
Se ha detectado un problema en UiPath Assistant versión 21.4.4. Los datos controlados por el usuario suministrados al argumento --process-start del manejeador de URI para uipath-assistant:// no están codificados correctamente, resultando en que se inyecte contenido controlado por el atacante en el mensaje de error mostrado (cuando el contenido inyectado no coincide con un proceso existente). Un atacante determinado podría aprovechar esto para ejecutar JavaScript en el contexto de la aplicación Electron
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 7.5 | 10.0 | 6.4 | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| 3.1 | Primary | NVD | 9.8 | 3.9 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |