CVE-2024-8556

6.1 MEDIUM

📋 TL;DR

A stored cross-site scripting (XSS) vulnerability in modelscope/agentscope allows attackers to inject malicious JavaScript via user-controllable run IDs. This code executes in victims' browsers when they view detailed run information. Users of affected modelscope/agentscope installations are at risk.

💻 Affected Systems

Products:
  • modelscope/agentscope
Versions: All versions up to and including commit 21161fe on main branch
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the run information inspection view where user input is rendered as HTML without proper sanitization.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers steal session cookies, perform actions as authenticated users, redirect to malicious sites, or install malware via drive-by downloads.

🟠 Likely Case

Session hijacking, credential theft, or unauthorized actions within the application context.

🟢 If Mitigated

Limited impact with proper content security policies and input validation, though some data exposure may still occur.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires ability to create or manipulate run IDs, which typically requires some level of access to the application.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Monitor the official modelscope/agentscope repository for security updates
2. Apply patches when available
3. Review commit history for security fixes

🔧 Temporary Workarounds

Input Validation and Sanitization

Implement server-side validation and HTML encoding for all user-controlled run IDs before rendering in views.

Content Security Policy

Implement strict CSP headers to prevent execution of inline scripts and unauthorized external resources.
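The two workarounds above combined, as an added example that is not agentscope's own code: run IDs are checked against an allowlist when a run is created, HTML-encoded when rendered (so IDs stored before the fix cannot execute either), and the run detail response carries a strict CSP header. The allowlist pattern, the CSP directives and the helper names are assumptions about the deployment, not values taken from the project.

```python
import html
import re

# Constructed allowlist for run identifiers: short tokens of letters, digits,
# underscore and hyphen. This is an assumption about the deployment, not a rule
# taken from agentscope; tighten it to match the IDs your installation issues.
RUN_ID_PATTERN = re.compile(r"[A-Za-z0-9_-]{1,64}")

# Strict CSP for the run inspection view: same-origin resources only, no inline
# scripts. Assumption: the view ships no inline <script> blocks; if it does, they
# must move to external files (or get nonces) before this header is deployed.
CSP_HEADER = (
    "default-src 'self'; script-src 'self'; object-src 'none'; "
    "base-uri 'self'; frame-ancestors 'none'"
)

def validate_run_id(run_id: str) -> bool:
    """Server-side validation applied when a run is created or renamed."""
    return RUN_ID_PATTERN.fullmatch(run_id) is not None

def create_run(run_id: str, store: dict) -> None:
    """Reject out-of-policy IDs at the boundary instead of storing them."""
    if not validate_run_id(run_id):
        raise ValueError(f"run id rejected by allowlist: {run_id!r}")
    store[run_id] = {"status": "created"}

def render_run_row_vulnerable(run_id: str) -> str:
    """The pattern the advisory describes: the ID is pasted into HTML unencoded."""
    return f"<td class='run-id'>{run_id}</td>"

def render_run_row_safe(run_id: str) -> str:
    """Hardened rendering: HTML-encode the ID (quotes included) regardless of
    whether it passed validation, so IDs stored before the fix cannot execute."""
    return f"<td class='run-id'>{html.escape(run_id, quote=True)}</td>"

def build_run_detail_response(run_id: str) -> dict:
    """Framework-agnostic view result (constructed helper): encoded body plus CSP."""
    return {
        "headers": {"Content-Security-Policy": CSP_HEADER},
        "body": render_run_row_safe(run_id),
    }

if __name__ == "__main__":
    # Constructed sample: the same payload the advisory uses for verification.
    payload = "<script>alert('XSS')</script>"
    print(render_run_row_vulnerable(payload))   # tag survives; a browser would run it
    print(render_run_row_safe(payload))         # &lt;script&gt;... renders as text
```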

🧯 If You Can't Patch

  • Restrict access to run inspection functionality to trusted users only
  • Implement web application firewall (WAF) rules to detect and block XSS payloads

🔍 How to Verify

Check if Vulnerable:

Test by creating a run whose ID contains an XSS payload such as <script>alert('XSS')</script>, then check whether it executes when the run details are viewed.

Check Version:

Check the git commit hash or the version recorded in the application configuration.

Verify Fix Applied:

Verify that user input is properly HTML-encoded in the run inspection view and XSS payloads no longer execute.

📡 Detection & Monitoring

Log Indicators:

  • Unusual run IDs containing script tags or JavaScript code
  • Multiple failed attempts with suspicious payloads

Network Indicators:

  • Unexpected external script loads from run inspection pages
  • Suspicious outbound connections after viewing run details

SIEM Query:

search 'run_id' AND ('<script>' OR 'javascript:' OR 'onload=' OR 'onerror=')
