CVE-2018-16248 - OpenCVE

b3log Solo 2.9.3 has XSS in the Input page under the "Publish Articles" menu with an ID of "articleTags" stored in the "tag" JSON field, which allows remote attackers to inject arbitrary Web scripts or HTML via a carefully crafted site name in an admin-authenticated HTTP request.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
B3log	Solo

Configuration 1 [-]

cpe:2.3:a:b3log:solo:2.9.3:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/b3log/solo/issues/12489	Exploit Issue Tracking Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-06-20T15:46:52

Updated: 2019-06-20T15:46:52

Reserved: 2018-08-30T00:00:00

Link: CVE-2018-16248

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-06-20T16:15:11.133

Modified: 2019-06-21T12:27:09.303

Link: CVE-2018-16248

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:b3log:solo:2.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "C1F6960C-59DE-481B-BB34-05A85F501385", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "b3log Solo 2.9.3 has XSS in the Input page under the \"Publish Articles\" menu with an ID of \"articleTags\" stored in the \"tag\" JSON field, which allows remote attackers to inject arbitrary Web scripts or HTML via a carefully crafted site name in an admin-authenticated HTTP request."}, {"lang": "es", "value": "b3log Solo versi\u00f3n 2.9.3 presenta XSS en la p\u00e1gina Input bajo el men\u00fa \"Publish Articles\" con un ID de \"articleTags\" almacenadas en el campo JSON \"tag\", que permite a los atacantes remotos inyectar script web o HTML arbitrario arbitrarios por medio de un nombre de sitio minuciosamente creado en una petici\u00f3n HTTP autenticada por el administrador."}], "id": "CVE-2018-16248", "lastModified": "2019-06-21T12:27:09.303", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-06-20T16:15:11.133", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://github.com/b3log/solo/issues/12489"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}