CVE-2020-8264

In actionpack gem >= 6.0.0, a possible XSS vulnerability exists when an application is running in development mode allowing an attacker to send or embed (in another page) a specially crafted URL which can allow the attacker to execute JavaScript in the context of the local application. This vulnerability is in the Actionable Exceptions middleware.

CVSS v3 6.1 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://groups.google.com/g/rubyonrails-security/c/yQzUVfv42jk/m/oJWw-xhNAQAJ	Mailing List Third Party Advisory
https://hackerone.com/reports/904059	Exploit Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-01-06 21:15

Updated : 2024-02-04 21:23

NVD link : CVE-2020-8264

Mitre link : CVE-2020-8264

CVE.ORG link : CVE-2020-8264

JSON object : View

Products Affected

rubyonrails

rails

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2020-8264", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2021-01-06T21:15:14.363", "references": [{"url": "https://groups.google.com/g/rubyonrails-security/c/yQzUVfv42jk/m/oJWw-xhNAQAJ", "tags": ["Mailing List", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://hackerone.com/reports/904059", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "support@hackerone.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Secondary", "source": "support@hackerone.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "In actionpack gem >= 6.0.0, a possible XSS vulnerability exists when an application is running in development mode allowing an attacker to send or embed (in another page) a specially crafted URL which can allow the attacker to execute JavaScript in the context of the local application. This vulnerability is in the Actionable Exceptions middleware."}, {"lang": "es", "value": "En actionpack gem versiones posteriores a 6.0.0 incluy\u00e9ndola, se presenta una posible vulnerabilidad de tipo XSS cuando una aplicaci\u00f3n se ejecuta en modo development permitiendo a un atacante enviar o insertar (en otra p\u00e1gina) una URL especialmente dise\u00f1ada que puede permitir al atacante ejecutar JavaScript en el contexto de la aplicaci\u00f3n local. Esta vulnerabilidad se encuentra en el middleware de Excepciones Accionables"}], "lastModified": "2021-01-12T14:17:54.297", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4F559E5-D93F-40E5-9630-D7B364B4BED7", "versionEndExcluding": "6.0.3.4", "versionStartIncluding": "6.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "support@hackerone.com"}