admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-81xx/CVE-2020-8189.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

155 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-8189",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-08-21T21:15:11.887",
"lastModified": "2024-11-21T05:38:28.087",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html (including local links) when responding with invalid data on the login attempt."
},
{
"lang": "es",
"value": "Un error de tipo cross-site scripting en el cliente de Nextcloud Desktop versi\u00f3n 2.6.4, permiti\u00f3 presentar cualquier html (incluyendo los enlaces locales) al responder con datos no v\u00e1lidos en el intento de inicio de sesi\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"baseScore": 3.5,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:desktop:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.6.5",
"matchCriteriaId": "032BCD9E-159A-4BB1-BCE6-0E405BA6F6C4"
}
]
}
]
}
],
"references": [
{
"url": "https://hackerone.com/reports/685552",
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-027",
"source": "support@hackerone.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202009-09",
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://hackerone.com/reports/685552",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-027",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202009-09",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink