Summary
DataHub Frontend used a vulnerable version of the analytics-utils package. A crafted URL pointing at a DataHub instance could exploit it to execute arbitrary JavaScript in the user's browser.
Details
The version of analytics-utils bundled with DataHub Frontend contained a cross-site scripting (XSS) vulnerability that let an attacker craft a malicious link to a DataHub instance. If an authenticated DataHub user clicked that link, attacker-controlled JavaScript ran in the user's browser within their authenticated session, enabling a wide variety of follow-on attacks.
PoC
An attacker would have to craft a malicious URL and coerce an authenticated user into clicking it. If, for example, the URL was crafted to invite a new user, the attacker could create their own account and then log in with it.
Impact
DataHub Frontend instances prior to v0.11 are vulnerable to such attacks.