| CVE-2018-16805 | Medium-low damage | 4.8 |
| Difficult to exploit |
| (other affected products) | Published: Mon Sep 10 23:29:00 2018 UTC. Last Modified: Fri Nov 9 16:06:00 2018 UTC |
CPE matches: cpe:2.3:a:b3log:solo:2.9.3:*:*:*:*:*:*:*
Description
In b3log Solo 2.9.3, XSS in the Input page under the Publish Articles menu, with an ID of linkAddress stored in the link JSON field, allows remote attackers to inject arbitrary Web scripts or HTML via a crafted site name provided by an administrator.
Damage
- Limited modification of data and/or system files.
- Limited access to information.
Attack conditions
- Remote attacking is possible through the network but requires the attacker to have administrative privileges.
- Human user action interaction is required for the attack.
- The attack is estimated to have a high success rate, once attempted.
Damage and attack conditions obtained from CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N (CVSSv3)
Type of bug(s)
- CWE-79, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'): The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.