cvelistv5 - cve-2024-25090

CVE-2024-25090 (GCVE-0-2024-25090)

Vulnerability from cvelistv5

Published

2024-07-26 08:36

Modified

2025-03-14 16:11

Severity ?

CWE

CWE-20 - Improper Input Validation
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Summary

Insufficient input validation and sanitation in Profile name & screenname, Bookmark name & description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.3. This issue affects Apache Roller: from 5.0.0 before 6.1.3. Users are recommended to upgrade to version 6.1.3, which fixes the issue.

References

URL	Tags
security@apache.org	https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd	Mailing List, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2024/07/25/2
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd	Mailing List, Vendor Advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Roller	Version: 5.0.0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "CHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-25090",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-26T17:40:05.341591Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-14T16:11:12.779Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-09-13T17:04:09.438Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/07/25/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Roller",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "6.1.3",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Jacob Hazak"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eInsufficient input validation and sanitation in Profile name \u0026amp; screenname, Bookmark name \u0026amp; description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.3.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Roller: from 5.0.0 before 6.1.3.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.1.3, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Insufficient input validation and sanitation in Profile name \u0026 screenname, Bookmark name \u0026 description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.3.\n\nThis issue affects Apache Roller: from 5.0.0 before 6.1.3.\n\nUsers are recommended to upgrade to version 6.1.3, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-26T08:36:47.021Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Roller: Insufficient input validation for some user profile and bookmark fields when Roller in untested-users mode",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-25090",
    "datePublished": "2024-07-26T08:36:47.021Z",
    "dateReserved": "2024-02-04T23:11:19.147Z",
    "dateUpdated": "2025-03-14T16:11:12.779Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-25090\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2024-07-26T09:15:09.700\",\"lastModified\":\"2025-03-14T17:15:42.687\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Insufficient input validation and sanitation in Profile name \u0026 screenname, Bookmark name \u0026 description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.3.\\n\\nThis issue affects Apache Roller: from 5.0.0 before 6.1.3.\\n\\nUsers are recommended to upgrade to version 6.1.3, which fixes the issue.\"},{\"lang\":\"es\",\"value\":\"La validaci\u00f3n de entrada y sanitizaci\u00f3n insuficientes de las funciones Profile name \u0026amp; screenname, Bookmark name \u0026amp; description and blogroll name en todas las versiones de Apache Roller en todas las plataformas permite que un usuario autenticado realice un ataque de XSS. Mitigaci\u00f3n: si no tiene Roller configurado para usuarios no confiables, entonces no necesita hacer nada porque conf\u00eda en que sus usuarios creen HTML sin formato y otro contenido web. Si est\u00e1 ejecutando con usuarios no confiables, entonces debe actualizar a Roller 6.1.3. Este problema afecta a Apache Roller: desde 5.0.0 hasta 6.1.3. Se recomienda a los usuarios que actualicen a la versi\u00f3n 6.1.3, que soluciona el problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"},{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:roller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"6.1.3\",\"matchCriteriaId\":\"34B9206D-CB9B-49BD-8162-CEFAE5C287E3\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/25/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/25/2\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-09-13T17:04:09.438Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-25090\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-26T17:40:05.341591Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-26T17:40:09.121Z\"}}], \"cna\": {\"title\": \"Apache Roller: Insufficient input validation for some user profile and bookmark fields when Roller in untested-users mode\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Jacob Hazak\"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"low\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Roller\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.0\", \"lessThan\": \"6.1.3\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Insufficient input validation and sanitation in Profile name \u0026 screenname, Bookmark name \u0026 description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.3.\\n\\nThis issue affects Apache Roller: from 5.0.0 before 6.1.3.\\n\\nUsers are recommended to upgrade to version 6.1.3, which fixes the issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eInsufficient input validation and sanitation in Profile name \u0026amp; screenname, Bookmark name \u0026amp; description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.3.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Roller: from 5.0.0 before 6.1.3.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.1.3, which fixes the issue.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20 Improper Input Validation\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2024-07-26T08:36:47.021Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-25090\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-14T16:11:12.779Z\", \"dateReserved\": \"2024-02-04T23:11:19.147Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2024-07-26T08:36:47.021Z\", \"assignerShortName\": \"apache\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

fkie_cve-2024-25090

Vulnerability from fkie_nvd

Published

2024-07-26 09:15

Modified

2025-03-14 17:15

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
security@apache.org	https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd	Mailing List, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2024/07/25/2
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd	Mailing List, Vendor Advisory

Impacted products

	Vendor	Product	Version
	apache	roller	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:roller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34B9206D-CB9B-49BD-8162-CEFAE5C287E3",
              "versionEndExcluding": "6.1.3",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient input validation and sanitation in Profile name \u0026 screenname, Bookmark name \u0026 description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.3.\n\nThis issue affects Apache Roller: from 5.0.0 before 6.1.3.\n\nUsers are recommended to upgrade to version 6.1.3, which fixes the issue."
    },
    {
      "lang": "es",
      "value": "La validaci\u00f3n de entrada y sanitizaci\u00f3n insuficientes de las funciones Profile name \u0026amp; screenname, Bookmark name \u0026amp; description and blogroll name en todas las versiones de Apache Roller en todas las plataformas permite que un usuario autenticado realice un ataque de XSS. Mitigaci\u00f3n: si no tiene Roller configurado para usuarios no confiables, entonces no necesita hacer nada porque conf\u00eda en que sus usuarios creen HTML sin formato y otro contenido web. Si est\u00e1 ejecutando con usuarios no confiables, entonces debe actualizar a Roller 6.1.3. Este problema afecta a Apache Roller: desde 5.0.0 hasta 6.1.3. Se recomienda a los usuarios que actualicen a la versi\u00f3n 6.1.3, que soluciona el problema."
    }
  ],
  "id": "CVE-2024-25090",
  "lastModified": "2025-03-14T17:15:42.687",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-07-26T09:15:09.700",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2024/07/25/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security@apache.org",
      "type": "Primary"
    }
  ]
}

gsd-2024-25090

Vulnerability from gsd

Modified

2024-02-05 06:03

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-25090

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-25090"
      ],
      "id": "GSD-2024-25090",
      "modified": "2024-02-05T06:03:25.273303Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-25090",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

cnvd-2024-35670

Vulnerability from cnvd

Title: Apache Roller跨站脚本漏洞（CNVD-2024-35670）

Description:

Apache Roller是美国阿帕奇（Apache）基金会的一套基于Java的多用户开源博客系统。

Apache Roller存在跨站脚本漏洞，攻击者可利用该漏洞获取基于cookie的身份验证凭据。

Severity: 中

Patch Name: Apache Roller跨站脚本漏洞（CNVD-2024-35670）的补丁

Patch Description:

Apache Roller是美国阿帕奇（Apache）基金会的一套基于Java的多用户开源博客系统。

Apache Roller存在跨站脚本漏洞，攻击者可利用该漏洞获取基于cookie的身份验证凭据。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd

Reference: https://cxsecurity.com/cveshow/CVE-2024-25090/

Impacted products

Name
Apache Roller >=5.0.0，<6.1.3

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-25090"
    }
  },
  "description": "Apache Roller\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u57fa\u4e8eJava\u7684\u591a\u7528\u6237\u5f00\u6e90\u535a\u5ba2\u7cfb\u7edf\u3002\n\nApache Roller\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u57fa\u4e8ecookie\u7684\u8eab\u4efd\u9a8c\u8bc1\u51ed\u636e\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-35670",
  "openTime": "2024-08-19",
  "patchDescription": "Apache Roller\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u57fa\u4e8eJava\u7684\u591a\u7528\u6237\u5f00\u6e90\u535a\u5ba2\u7cfb\u7edf\u3002\r\n\r\nApache Roller\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u57fa\u4e8ecookie\u7684\u8eab\u4efd\u9a8c\u8bc1\u51ed\u636e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Roller\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2024-35670\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Roller \u003e=5.0.0\uff0c\u003c6.1.3"
  },
  "referenceLink": "https://cxsecurity.com/cveshow/CVE-2024-25090/",
  "serverity": "\u4e2d",
  "submitTime": "2024-07-30",
  "title": "Apache Roller\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2024-35670\uff09"
}

ghsa-g9rf-qc6j-h2f7

Vulnerability from github

Published

2024-07-26 09:30

Modified

2025-03-14 18:30

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

This issue affects Apache Roller: from 5.0.0 before 6.1.3.

Users are recommended to upgrade to version 6.1.3, which fixes the issue.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-25090"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-26T09:15:09Z",
    "severity": "MODERATE"
  },
  "details": "Insufficient input validation and sanitation in Profile name \u0026 screenname, Bookmark name \u0026 description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.3.\n\nThis issue affects Apache Roller: from 5.0.0 before 6.1.3.\n\nUsers are recommended to upgrade to version 6.1.3, which fixes the issue.",
  "id": "GHSA-g9rf-qc6j-h2f7",
  "modified": "2025-03-14T18:30:42Z",
  "published": "2024-07-26T09:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25090"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/07/25/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-25090 (GCVE-0-2024-25090)

Vulnerability from cvelistv5

fkie_cve-2024-25090

Vulnerability from fkie_nvd

gsd-2024-25090

Vulnerability from gsd

cnvd-2024-35670

Vulnerability from cnvd

ghsa-g9rf-qc6j-h2f7

Vulnerability from github

Tags

Sightings

Nomenclature