mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
67 lines
2.3 KiB
JSON
67 lines
2.3 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2020-9520",
|
|
"ASSIGNER": "security@microfocus.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Micro Focus International",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Micro Focus Vibe.",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "All Vibe version prior to Vive 4.0.7."
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Stored XSS"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://softwaresupport.softwaregrp.com/doc/KM03630475",
|
|
"url": "https://softwaresupport.softwaregrp.com/doc/KM03630475"
|
|
},
|
|
{
|
|
"refsource": "FULLDISC",
|
|
"name": "20200327 [SYSS-2019-047] Micro Focus Vibe - Cross-Site Scripting (CVE-2020-9520)",
|
|
"url": "http://seclists.org/fulldisclosure/2020/Mar/50"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled JavaScript will execute in the security context of the target user\u2019s browser."
|
|
}
|
|
]
|
|
}
|
|
} |