CVE-2020-26505

A Stored Cross-Site Scripting (XSS) vulnerability in the “Marmind” web application with version 4.1.141.0 allows an attacker to inject code that will later be executed by legitimate users when they open the assets containing the JavaScript code. This would allow an attacker to perform unauthorized actions in the application on behalf of legitimate users or spread malware via the application. By using the “Assets Upload” function, an attacker can abuse the upload function to upload a malicious PDF file containing a stored XSS.

CVSS v3 6.1 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://www.marmind.com/en/	Vendor Advisory
https://www2.deloitte.com/de/de/pages/risk/articles/marmind-xss.html?nc=1	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:marmind:marmind:4.1.141.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-11-05 17:15

Updated : 2024-02-28 18:08

NVD link : CVE-2020-26505

Mitre link : CVE-2020-26505

CVE.ORG link : CVE-2020-26505

JSON object : View

Products Affected

marmind

marmind

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2020-26505", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2020-11-05T17:15:12.443", "references": [{"url": "https://www.marmind.com/en/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www2.deloitte.com/de/de/pages/risk/articles/marmind-xss.html?nc=1", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "A Stored Cross-Site Scripting (XSS) vulnerability in the \u201cMarmind\u201d web application with version 4.1.141.0 allows an attacker to inject code that will later be executed by legitimate users when they open the assets containing the JavaScript code. This would allow an attacker to perform unauthorized actions in the application on behalf of legitimate users or spread malware via the application. By using the \u201cAssets Upload\u201d function, an attacker can abuse the upload function to upload a malicious PDF file containing a stored XSS."}, {"lang": "es", "value": "Una vulnerabilidad de tipo Cross-Site Scripting (XSS) almacenado en la aplicaci\u00f3n web \"Marmind\" con versi\u00f3n 4.1.141.0, permite a un atacante inyectar c\u00f3digo que luego ser\u00e1 ejecutado por usuarios leg\u00edtimos cuando abran los activos que contienen el c\u00f3digo JavaScript. Esto permitir\u00eda a un atacante llevar a cabo acciones no autorizadas en la aplicaci\u00f3n en nombre de usuarios leg\u00edtimos o difundir malware por medio de la aplicaci\u00f3n. Al usar la funci\u00f3n \"Assets Upload\", un atacante puede abusar de la funci\u00f3n de carga para cargar un archivo PDF malicioso que contenga una vulnerabilidad de tipo XSS almacenado"}], "lastModified": "2020-11-09T04:11:36.887", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:marmind:marmind:4.1.141.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49F5DD96-2509-4803-A458-9382C87879AB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}