CVE-2021-3427

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's browser session.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://dev.deluge-torrent.org/ticket/3459	Exploit Issue Tracking Patch Vendor Advisory
https://groups.google.com/g/deluge-dev/c/e5zh7wT0rEg	Exploit Issue Tracking Mailing List Third Party Advisory
https://security.gentoo.org/glsa/202210-07	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:deluge-torrent:deluge:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-08-26 16:15

Updated : 2024-02-28 19:29

NVD link : CVE-2021-3427

Mitre link : CVE-2021-3427

CVE.ORG link : CVE-2021-3427

JSON object : View

Products Affected

deluge-torrent

deluge

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2021-3427", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2022-08-26T16:15:08.803", "references": [{"url": "https://dev.deluge-torrent.org/ticket/3459", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://groups.google.com/g/deluge-dev/c/e5zh7wT0rEg", "tags": ["Exploit", "Issue Tracking", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.gentoo.org/glsa/202210-07", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's browser session."}, {"lang": "es", "value": "Deluge Web-UI es vulnerable a un ataque de tipo XSS mediante un archivo torrent dise\u00f1ado. Los datos de los archivos torrent no son saneados apropiadamente, ya que son interpretados directamente como HTML. Alguien que suministre al usuario un archivo torrent malicioso puede ejecutar c\u00f3digo Javascript arbitrario en el contexto de la sesi\u00f3n del navegador del usuario."}], "lastModified": "2022-10-28T20:09:45.003", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:deluge-torrent:deluge:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "931E1242-09AE-4B13-85C0-39CD98E2726C", "versionEndExcluding": "2.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}