CVE-2019-7223 - OpenCVE

InvoicePlane 1.5 has stored XSS via the index.php/invoices/ajax/save invoice_password parameter, aka the "PDF password" field to the "Create Invoice" option. The XSS payload is rendered at an index.php/invoices/view/## URI. NOTE: this is different from CVE-2018-12255.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Invoiceplane	Invoiceplane

Configuration 1 [-]

cpe:2.3:a:invoiceplane:invoiceplane:*:*:*:*:*:*:*:*

References

Link	Resource
https://cxsecurity.com/issue/WLB-2019020191	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-03-16T12:00:00

Updated: 2019-03-16T11:57:01

Reserved: 2019-01-30T00:00:00

Link: CVE-2019-7223

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-03-21T16:01:11.377

Modified: 2019-03-25T19:43:25.167

Link: CVE-2019-7223

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:invoiceplane:invoiceplane:*:*:*:*:*:*:*:*", "matchCriteriaId": "34B04C52-ECF9-41FE-A9D2-ADF1628B1EDE", "versionEndIncluding": "1.5.9", "versionStartIncluding": "1.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "InvoicePlane 1.5 has stored XSS via the index.php/invoices/ajax/save invoice_password parameter, aka the \"PDF password\" field to the \"Create Invoice\" option. The XSS payload is rendered at an index.php/invoices/view/## URI. NOTE: this is different from CVE-2018-12255."}, {"lang": "es", "value": "InvoicePlane 1.5 tiene Cross-Site Scripting (XSS) persistente mediante el par\u00e1metro invoice_password en index.php/invoices/ajax/save. Esto tambi\u00e9n se conoce como el campo \"PDF password\" de la opci\u00f3n \"Create Invoice\". La carga \u00fatil XSS se renderiza en un URI index.php/invoices/view/##. NOTA: esta vulnerabilidad es diferente de CVE-2018-12255."}], "id": "CVE-2019-7223", "lastModified": "2019-03-25T19:43:25.167", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-03-21T16:01:11.377", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://cxsecurity.com/issue/WLB-2019020191"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}