nvd-json-data-feeds/CVE-2021/CVE-2021-439xx/CVE-2021-43960.json

{
  "id": "CVE-2021-43960",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2022-01-12T19:15:08.453",
  "lastModified": "2022-01-19T19:07:25.613",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "** DISPUTED ** Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title, Page Instructions, Text before, Text after, or Text on side box. Once this has been done, the administrator must click save and finally wait until any user of the application performs a booking for rental items in the booking area of the application, where the XSS triggers. NOTE: another perspective is that the administrator may require JavaScript to customize any aspect of the page rendering. There is no effective way for the product to defend users in the face of a malicious administrator."
    },
    {
      "lang": "es",
      "value": "** EN DISPUTA ** Lorensbergs Connect2 versi\u00f3n 3.13.7647.20190 est\u00e1 afectado por una vulnerabilidad de tipo XSS. La explotaci\u00f3n requiere privilegios de administrador y se lleva a cabo mediante el editor Wizard de la aplicaci\u00f3n. El ataque requiere que un administrador entre en el editor del Wizard e introduzca una carga \u00fatil de tipo XSS dentro del t\u00edtulo de la p\u00e1gina, las instrucciones de la p\u00e1gina, el texto anterior, el texto posterior o el texto lateral. Una vez hecho esto, el administrador debe hacer clic en guardar y finalmente esperar a que cualquier usuario de la aplicaci\u00f3n lleve a cabo una reserva de art\u00edculos de alquiler en el \u00e1rea de reservas de la aplicaci\u00f3n, donde es desencadenado el ataque de tipo XSS. NOTA: otra perspectiva es que el administrador puede requerir JavaScript para personalizar cualquier aspecto de la representaci\u00f3n de la p\u00e1gina. No se presenta ninguna forma efectiva de que el producto defienda a usuarios frente a un administrador malicioso"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "HIGH",
          "userInteraction": "REQUIRED",
          "scope": "CHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 1.7,
        "impactScore": 2.7
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "SINGLE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 3.5
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:lorensbergs:connect2:3.13.7647.20190:*:*:*:*:*:*:*",
              "matchCriteriaId": "3303C034-2961-4D6B-96BD-9C70E0D4A383"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.lorensbergs.co.uk/products/connect2-academic/",
      "source": "cve@mitre.org",
      "tags": [
        "Product",
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://www.surecloud.com/resources/blog/lorensbergs-connect2-cross-site-scripting",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    }
  ]
}