Published: 2019-11-21
Severity
High
Patch available
YES
Number of vulnerabilities
2
CVE ID
CVE-2019-17427CVE-2019-18890
CWE ID
CWE-79CWE-89
Exploitation vector
Network
Public exploit
N/A
Vulnerable software
Redmine Subscribe
Vendor
Ruby
Security Advisory
1) Stored cross-site scripting
Severity: Medium
CVSSv3: 6.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C] [PCI]
CVE-ID: CVE-2019-17427
CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Description
The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of textile formatting errors. A remote attacker can send a specially crafted request to store XSS payload on the website and execute arbitrary HTML and script code in user's browser in context of vulnerable website, when the affected web page is visited by the victim.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Redmine: 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5, 3.4.6, 3.4.7, 3.4.8, 3.4.9, 3.4.10, 4.0.0, 4.0.1, 4.0.2, 4.0.3
CPE
External links
https://seclists.org/bugtraq/2019/Nov/31 multiple vulnerabilities redmine