CVE-2019-6803

{"id": "CVE-2019-6803", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2019-01-25T05:29:00.903", "references": [{"url": "https://github.com/typora/typora-issues/issues/2124", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "typora through 0.9.9.20.3 beta has XSS, with resultant remote command execution, via the left outline bar."}, {"lang": "es", "value": "typora, hasta la versi\u00f3n beta 0.9.9.20.3, tiene Cross-Site Scripting (XSS), que desemboca en la ejecuci\u00f3n de comandos remota en la barra \"outline\" izquierda."}], "lastModified": "2019-01-25T20:57:32.370", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:typora:typora:0.8.1:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC70FD56-1852-49ED-A76B-B7D3838D7F58"}, {"criteria": "cpe:2.3:a:typora:typora:0.8.2:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B93927D-2081-4ED9-8C77-BD3032A514EE"}, {"criteria": "cpe:2.3:a:typora:typora:0.8.5:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB963389-53B8-482F-B406-B61BC8F38803"}, {"criteria": "cpe:2.3:a:typora:typora:0.8.6:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38310B06-0122-4A48-9B01-E12E8D7DD0F6"}, {"criteria": "cpe:2.3:a:typora:typora:0.8.7:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B3B5803-97BE-48AA-B53A-DF85C64D9D6A"}, {"criteria": "cpe:2.3:a:typora:typora:0.8.8:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14F80AC7-2253-4487-9790-44C908894D76"}, {"criteria": "cpe:2.3:a:typora:typora:0.8.9:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D195A948-D22D-4A3F-9E2E-1E56D736C702"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.0:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "364B4732-56D2-40AF-AD3F-3A63236B8119"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "126A473E-79BF-44DB-AD3B-C0A8EE28F781"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC48DAC5-73AA-4245-8370-E9C3895F3FC7"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.3:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAB86D99-2B43-46B2-983A-2CE94ABBFE52"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.4:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5116DBE7-E4A4-4EB0-9CB8-F8FBDD8D9572"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.4.5:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7AC23F8E-3843-4412-B7F4-E2FCCAF3969A"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.5:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FD6F34E-5EBC-4C45-9496-DDE457DDA1F6"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.5.6:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54EEFF74-7A36-4EB0-854B-E5568D313454"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.5.7:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "344CD9A7-E8B2-44C3-BA9B-EF9147CCD26B"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.6:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67B38F44-034C-41B3-90AF-19CBEDD54182"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.6.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75AEE747-7E14-4284-B3B0-6C6D7655423C"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.6.8:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A544E5A-6420-4B42-A1A3-C6AFD2CEB18F"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.7:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28C7E220-446A-4807-AEEA-4B2782BBCD79"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.7.4:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FDAE391-122A-448F-AF55-D0B1C4CBD289"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.7.5:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DC6FBC0-4959-4D0B-9D95-CF24D310BE8E"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.7.8:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1965A5E-1D8B-4B23-ABCD-2FABC0A38B40"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.7.9:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E17435F-1199-4303-BC1D-1E97AA6F1C2A"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.8:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1703EC86-EEF6-486E-93C8-C7F9B04454C9"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.8.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBF6D5DF-3724-49D2-9DFB-A8DEE560BB2E"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.8.5:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDFAD3D6-0177-4C39-8055-BCCA772FAB88"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.8.6:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AB75308-17C0-4079-BA6F-1F60C20CF472"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.8.7:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "169BAEF8-9742-4FE1-89DC-A273E31970AE"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.8.7.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC2AE5DE-5D17-42DA-846D-BADC64C4081D"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.8.8:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3E9AFD1-9CDF-4A99-939D-40C21B8AA952"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.0:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3E1D6BF-80BF-454A-9AFE-71696CB57AEA"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7FF9013-1391-4D08-81F1-7712A66123D1"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A822677-C346-4DE2-890D-B7D8069AE530"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.2.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA5652BD-4A4C-4FDD-812B-9871DE884236"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.2.5:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E228BAA0-201C-480C-A5A6-830A6031FF0D"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.3:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6314DA3-9854-4E50-AA19-D5841D593494"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.4:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CBAEDF4-765A-4641-801A-CB0A41792EFE"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.4.4:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FF219D2-8E50-4FE4-9C6C-80FAB2596BB1"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.5:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2A41B37-9EC9-4E24-9AF5-4D9366E5BF79"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1068D36D-9F36-4B4D-9E93-D251F080F91B"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.6:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A24FCC5E-647A-4376-BEB0-AC3627525D75"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.6.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EFB6DA2-8110-4A5E-958E-053F7C4A91EF"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.6.4:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A3C170F-D971-4868-A34A-6B0DE13D9C57"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.7:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F60F9A47-F3BE-4C46-8D63-191A9B78D4A0"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.7.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84B4124F-C9EA-4FF8-AD94-FEE2793AE157"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.7.6:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6ABA516E-245D-4FC8-AEAA-5BCA19133ECF"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.7.8:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D692E1C9-3D3D-4DF3-B102-A06BCE4ADB18"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.8:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08078C0E-0A9E-4D37-8A8C-736015647D64"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.8.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55126596-4566-4CB6-96A9-1D28940D68DD"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.8.4:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE4BA4AA-0D1E-4430-A4E4-FC4851408117"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.8.5:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D7CAC0A-9707-4A97-A56C-3DB246FDB6FA"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.8.8:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7503A399-2D9D-421E-92D3-0FBA8B3048B3"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.8.9:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF806530-BB99-46B4-9C00-B396E6546BA2"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.9.0:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3328B52-C88C-45A4-BDA2-88A5CA414DCD"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.9.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AB0AE87-A363-4FF5-B651-FBB027EB702E"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.9.3:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02825926-B00E-43FF-8136-3A34F3CAB745"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.9.4:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7194779-6E20-44BE-88AF-4C248C2914BB"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.9.4.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CB2E576-91FB-4000-A8B8-A635A48B4085"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.10:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "834E7E1F-918C-4E84-9247-4F789D71F455"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.10.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB6A87BB-343F-4275-80D8-6A8513DBDC40"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.10.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46A38C02-D549-4028-9AE6-37D4A6880FF8"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.10.3:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DB13D0D-94B6-46A0-A429-CC3C7C81683C"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.10.4:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B89F96E-49D1-4AED-9B89-E1B42FBD1945"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.10.6:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60DE0E9E-C275-4A9A-A3DF-807BBBB5678C"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.10.7:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF1C63F8-CFE6-4046-87D2-F941A47220B3"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.10.8:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D67F11BB-8DEE-4694-92C8-DE7C33148E16"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.10.9:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36B1B2A8-2916-4B99-882A-1103366EAEE4"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.11:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "661B9EEA-6497-4D3B-965C-783999881719"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.11.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A4FB406-F86E-4430-83A7-E12BB7CAFF68"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.12:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F16BE0FE-A57D-43A0-90A2-0031DB48FE1D"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.12.4:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "968C9899-D636-4E61-9D67-1BDD0F145B66"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.12.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54029638-2FC9-447D-B16C-DB29A78AA51F"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.13:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "310A9BA8-549D-4443-8AAB-C935955E661A"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.13.6:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B52A3DEA-1A54-4C8E-A5D7-8C772F1A4EF0"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.14:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9DA93BD-D08F-4394-AE79-F6C9A227634C"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.15:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFE311B7-C121-4EF5-8CD8-9CCB8AE50241"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.15.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A68BB328-30A0-4E4D-9781-8C6FA5406A21"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.15.3:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C75E9E5-4DAB-438B-985C-2061C8B976F4"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.16:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D4F2459-E34F-4D45-ABBD-A219E2C1242B"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.16.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1883465-32DD-4B52-AE1A-CF6656701AF0"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.16.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "904D8E56-D9F0-4B59-B72A-C98392807204"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.17:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "960C2CC5-9D65-4B93-921F-C321230003FC"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.17.4:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89B5A02A-60F8-40AF-B3E2-BDB34C5E7001"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.17.5:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53550F5D-4F45-4A49-ABA1-8DCDC4AFFF38"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.18:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4DE0AA9-51E7-4A99-8295-C9651980C290"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.18.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E64CE581-81F9-4C7D-BEF8-C264D71917EB"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.19:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E985222-EA21-4139-AF50-2041C2D0327E"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.19.3:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F45B8676-FF47-48E3-8912-1DAC45878609"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.19.4:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF14E32B-8F53-4754-86A0-B4E0002F6E0A"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.20:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDDBB8FE-BFE7-4DAC-A0D1-C9950BCA0023"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.20.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E8DBA33-41E8-4333-B962-8764C8835710"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.20.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "300470AF-0937-4AC9-A770-21446E8B8A80"}, {"criteria": "cpe:2.3:a:typora:typora:0.9.9.20.3:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6C878C9-BD8E-4BF0-85A3-F319AD325069"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}