Source: cvelist (GitHub_M) CVELIST:CVE-2020-26210
History: Nov 03, 2020 - 6:20 p.m.

CVE-2020-26210 Cross-Site Scripting in BookStack

Published: 2020-11-03 18:20:15
CWE: CWE-79
CNA: GitHub_M
Reference: www.cve.org

Tags: bookstack, cross-site scripting, version 0.30.4, untrusted javascript, sql query, database, workaround, page edit permissions

CVSS3: 7.7

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: LOW
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N

AI Score: 8.7
Confidence: High
EPSS: 0.002
Percentile: 57.7%

In BookStack before version 0.30.4, a user with permission to edit a page could add an attached link that executes untrusted JavaScript code when clicked by a viewer of the page. Dangerous content may remain in the database after this update; if you think this could have been exploited, the linked advisory provides a SQL query to test. As a workaround, page edit permissions can be limited to trusted users until you are able to upgrade, although this will not address existing exploitation of this vulnerability. The issue is fixed in version 0.30.4.

CNA Affected

[
  {
    "product": "BookStack",
    "vendor": "BookStackApp",
    "versions": [
      {
        "status": "affected",
        "version": "< 0.30.4"
      }
    ]
  }
]
