admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add CVE-2021-21312 for GHSA-c7f6-3mr7-3rq2

Browse Source
This commit is contained in:
Robert Schultheis 2021-03-03 12:20:14 -07:00
parent 9bc6bc2047
commit 27ac19511b
No known key found for this signature in database
GPG Key ID: 348C4211B4D8BB40
1 changed files with 76 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
2021/21xxx/CVE-2021-21312.json
View File

@ -1,18 +1,88 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-21312",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Stored XSS on documents"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "glpi",
"version": {
"version_data": [
{
"version_value": "< 9.5.4"
}
]
}
}
]
},
"vendor_name": "glpi-project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability within the document upload function (Home > Management > Documents > Add, or /front/document.form.php endpoint), indeed one of the form field: \"Web Link\" is not properly sanitized and a malicious user (who has document upload rights) can use it to deliver JavaScript payload. For example if you use the following payload: \" accesskey=\"x\" onclick=\"alert(1)\" x=\", the content will be saved within the database without any control. \n\nAnd then once you return to the summary documents page, by clicking on the \"Web Link\" of the newly created file it will create a new empty tab, but on the initial tab the pop-up \"1\" will appear."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/glpi-project/glpi/security/advisories/GHSA-c7f6-3mr7-3rq2",
"refsource": "CONFIRM",
"url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-c7f6-3mr7-3rq2"
},
{
"name": "https://github.com/glpi-project/glpi/releases/tag/9.5.4",
"refsource": "MISC",
"url": "https://github.com/glpi-project/glpi/releases/tag/9.5.4"
}
]
},
"source": {
"advisory": "GHSA-c7f6-3mr7-3rq2",
"discovery": "UNKNOWN"
}
}