fkie_cve-2024-25090
Vulnerability from fkie_nvd
Published
2024-07-26 09:15
Modified
2025-03-14 17:15
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Insufficient input validation and sanitation in Profile name & screenname, Bookmark name & description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.3. This issue affects Apache Roller: from 5.0.0 before 6.1.3. Users are recommended to upgrade to version 6.1.3, which fixes the issue.
References
security@apache.orghttps://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwdMailing List, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2024/07/25/2
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwdMailing List, Vendor Advisory
Impacted products
Vendor Product Version
apache roller *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:roller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34B9206D-CB9B-49BD-8162-CEFAE5C287E3",
              "versionEndExcluding": "6.1.3",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient input validation and sanitation in Profile name \u0026 screenname, Bookmark name \u0026 description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.3.\n\nThis issue affects Apache Roller: from 5.0.0 before 6.1.3.\n\nUsers are recommended to upgrade to version 6.1.3, which fixes the issue."
    },
    {
      "lang": "es",
      "value": "La validaci\u00f3n de entrada y sanitizaci\u00f3n insuficientes de las funciones Profile name \u0026amp; screenname, Bookmark name \u0026amp; description and blogroll name en todas las versiones de Apache Roller en todas las plataformas permite que un usuario autenticado realice un ataque de XSS. Mitigaci\u00f3n: si no tiene Roller configurado para usuarios no confiables, entonces no necesita hacer nada porque conf\u00eda en que sus usuarios creen HTML sin formato y otro contenido web. Si est\u00e1 ejecutando con usuarios no confiables, entonces debe actualizar a Roller 6.1.3. Este problema afecta a Apache Roller: desde 5.0.0 hasta 6.1.3. Se recomienda a los usuarios que actualicen a la versi\u00f3n 6.1.3, que soluciona el problema."
    }
  ],
  "id": "CVE-2024-25090",
  "lastModified": "2025-03-14T17:15:42.687",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-07-26T09:15:09.700",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2024/07/25/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security@apache.org",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.