CVE-2024-34064 Overview
CVE-2024-34064 is a Cross-Site Scripting (XSS) vulnerability in Jinja, an extensible templating engine widely used in Python web applications. The vulnerability exists in the xmlattr filter, which accepts keys containing non-attribute characters that should be disallowed. XML/HTML attributes cannot contain spaces, /, >, or =, as each would be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input and renders these in pages visible to other users, an attacker could exploit this flaw to inject malicious attributes and execute XSS attacks.
This vulnerability is a bypass of the incomplete fix for CVE-2024-22195, which only addressed spaces but not other dangerous characters. The Pallets project has explicitly stated that accepting keys as user input is now considered an unintended use case of the xmlattr filter.
Critical Impact
Applications using Jinja's xmlattr filter that accept user-controlled keys can be exploited to perform XSS attacks, potentially leading to session hijacking, credential theft, or malicious content injection affecting other users.
Affected Products
- Palletsprojects Jinja versions prior to 3.1.4
- Fedoraproject Fedora 39
- Fedoraproject Fedora 40
Discovery Timeline
- 2024-05-06 - CVE-2024-34064 published to NVD
- 2025-11-03 - Last updated in NVD database
Technical Details for CVE-2024-34064
Vulnerability Analysis
The xmlattr filter in Jinja is designed to convert Python dictionaries into XML/HTML attribute strings for use in templates. The vulnerability stems from insufficient validation of attribute key characters. While the previous fix for CVE-2024-22195 added validation to reject keys containing whitespace, it failed to account for other characters that have special meaning in HTML attribute parsing contexts.
According to the HTML specification's attribute name state, characters such as / (solidus), > (greater-than sign), and = (equals sign) can cause the parser to transition from processing an attribute name to processing a value or starting a new element. When user-controlled input is used as attribute keys without proper sanitization, attackers can craft malicious inputs that break out of the intended attribute context and inject arbitrary attributes, including event handlers that execute JavaScript code.
The attack requires user interaction, as victims must visit a page containing the attacker's injected payload. Successful exploitation can result in unauthorized disclosure of sensitive information and limited integrity impact through content manipulation.
Root Cause
The root cause is improper input validation in the xmlattr filter's key processing logic. The original regular expression only checked for whitespace characters but did not validate against other characters that have special meaning in HTML attribute parsing. The regex pattern r"\s" was insufficient and needed to be expanded to r"[\s/>=]" to properly reject all characters that could be used to escape the attribute context.
Attack Vector
The attack vector is network-based and requires an application that:
- Uses Jinja's xmlattr filter to generate HTML attributes
- Accepts user input as attribute keys (not just values)
- Renders the output in pages viewable by other users
An attacker can submit specially crafted key values containing characters like /, >, or = to break out of the attribute context and inject malicious attributes such as onclick, onmouseover, or other JavaScript event handlers.
The security patch updated the validation regex in src/jinja2/filters.py:
# Check for characters that would move the parser state from key to value.
# https://html.spec.whatwg.org/#attribute-name-state
_attr_key_re = re.compile(r"[\s/>=]", flags=re.ASCII)
Source: GitHub Commit
The changelog documents the fix:
+ The ``xmlattr`` filter does not allow keys with ``/`` solidus, ``>``
+ greater-than sign, or ``=`` equals sign, in addition to disallowing spaces.
+ Regardless of any validation done by Jinja, user input should never be used
+ as keys to this filter, or must be separately validated first.
+ GHSA-h75v-3vvj-5mfj
Source: GitHub Commit
Detection Methods for CVE-2024-34064
Indicators of Compromise
- Unusual HTTP requests containing special characters (/, >, =) in parameter values that are used as dictionary keys in templates
- Web application logs showing attribute injection patterns in user-supplied data
- Client-side JavaScript execution from unexpected attribute event handlers
Detection Strategies
- Review application code for uses of the xmlattr filter where user input is used as dictionary keys rather than values
- Implement Web Application Firewall (WAF) rules to detect attribute injection patterns in request parameters
- Use static application security testing (SAST) tools to identify vulnerable xmlattr usage patterns in Jinja templates
Monitoring Recommendations
- Monitor web application logs for suspicious patterns indicating XSS attack attempts targeting attribute contexts
- Implement Content Security Policy (CSP) headers to detect and block unauthorized script execution
- Deploy runtime application self-protection (RASP) solutions to detect attribute injection attacks
How to Mitigate CVE-2024-34064
Immediate Actions Required
- Upgrade Jinja to version 3.1.4 or later immediately
- Audit all uses of the xmlattr filter in your codebase to identify instances where user input is passed as keys
- Implement server-side input validation to reject user-supplied attribute keys containing dangerous characters
Patch Information
The vulnerability is fixed in Jinja version 3.1.4. The patch modifies the xmlattr filter to reject keys containing /, >, or = characters in addition to the previously disallowed whitespace characters. Security advisories and patches are available through the GitHub Security Advisory and the official commit.
Fedora users should apply updates from the Fedora Package Announcements for their respective distributions.
Workarounds
- Never use user-supplied input as keys to the xmlattr filter; only use it for values
- If user-controlled keys are required, implement strict allowlist validation before passing to xmlattr
- Apply Content Security Policy headers to mitigate the impact of successful XSS attacks
# Upgrade Jinja to the patched version
pip install --upgrade Jinja2>=3.1.4
# Verify the installed version
pip show Jinja2 | grep Version
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
