Horizon Alert
Summary of the vulnerability and why it matters
A critical vulnerability has been identified in Coolify, a platform used for managing applications and infrastructure. The issue allows a low-privilege user to execute malicious code within an administrator's browser, potentially leading to a full compromise of the Coolify instance and access to sensitive information and managed servers.
- Low-privilege users can gain administrator control.
- Compromise of the instance means full access to data.
- Confirm relevance and exposure to this vulnerability.
Attack Path
How an attacker could exploit the issue
An attacker with low-privilege access can create a project with a name containing malicious JavaScript. When an administrator attempts to delete this project or its resources, the script executes within the administrator's browser. This allows the attacker to gain full control over the Coolify instance, potentially leading to the compromise of sensitive information and managed server access.
- Requires authenticated, low-privilege access.
- Triggered by an administrator deleting a project.
- Leads to full instance compromise.
Live Threat
Current exploitation, exposure, and threat context
This vulnerability could allow an authenticated user with low privileges to compromise an entire Coolify instance. By creating a project with a malicious name, they can trigger a stored cross-site scripting attack when an administrator attempts to manage that project. This could lead to the theft of sensitive API tokens and session cookies, as well as unauthorized access to terminal sessions on managed servers.
- Coolify instance and its sensitive data.
- Malicious project name triggers XSS.
- Full instance compromise and data theft.
Operational Fix
Recommended remediation, mitigation, and detection steps
Application owners and infrastructure teams are likely responsible for addressing this vulnerability. The first step is to identify all instances of Coolify within the environment, confirm their accessibility and business criticality, and then determine the accountable owner for remediation planning.
- Application owners should manage the issue.
- Verify external reachability and business impact.
- Plan and coordinate remediation activities.