admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-29 05:56:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-117xx/CVE-2020-11702.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

113 lines
3.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-11702",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-04-12T03:15:10.867",
"lastModified": "2020-04-13T17:31:46.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ProVide (formerly zFTPServer) through 13.1. The User Web Interface has Multiple Stored and Reflected XSS issues. Collaborate is Reflected via the filename parameter. Collaborate is Stored via the displayname parameter. Deletemultiple is Reflected via the files parameter. Share is Reflected via the target parameter. Share is Stored via the displayname parameter. Waitedit is Reflected via the Host header."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en ProVide (anteriormente zFTPServer) versiones hasta 13.1. La Interfaz Web de Usuario presenta m\u00faltiples problemas de tipo XSS Almacenado y Reflejado. Collaborate es Reflejada por medio del par\u00e1metro filename. Collaborate es Almacenada por medio del par\u00e1metro displayname. Deletemultiple es Reflejada por medio del par\u00e1metro files. Share es Reflejada por medio del par\u00e1metro target. Share es Almacenada por medio del par\u00e1metro displayname. Waitedit es Reflejada por medio del encabezado Host."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:provideserver:provide_ftp_server:*:*:*:*:*:windows:*:*",
"versionEndIncluding": "13.1",
"matchCriteriaId": "E09F4F40-785A-49C1-ABC9-702E36BD35E3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/belong2yourself/vulnerabilities/tree/master/ProVide/Web%20User%20Interface%20-%20Multiple%20Cross-Site-Scripting",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.provideserver.com/security/",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink