cvelistv5 - cve-2021-39161

CVE-2021-39161 (GCVE-0-2021-39161)

Vulnerability from cvelistv5 – Published: 2021-08-26 20:00 – Updated: 2024-08-04 01:58

Summary

Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse's default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed Discourse's default Content Security Policy have allowed for moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.

Severity ?

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

URL

Tags

https://github.com/discourse/discourse/security/a…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	discourse	discourse	Affected: < 2.7.8 Affected: >= 2.8.0.beta1, < 2.8.0.beta4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:58:18.168Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "discourse",
          "vendor": "discourse",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.7.8 "
            },
            {
              "status": "affected",
              "version": "\u003e= 2.8.0.beta1, \u003c 2.8.0.beta4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse\u0027s default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed Discourse\u0027s default Content Security Policy have allowed for moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-08-26T20:00:11",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph"
        }
      ],
      "source": {
        "advisory": "GHSA-xhmc-9jwm-wqph",
        "discovery": "UNKNOWN"
      },
      "title": "Cross-site scripting via category name in Discourse",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-39161",
          "STATE": "PUBLIC",
          "TITLE": "Cross-site scripting via category name in Discourse"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "discourse",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 2.7.8 "
                          },
                          {
                            "version_value": "\u003e= 2.8.0.beta1, \u003c 2.8.0.beta4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "discourse"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse\u0027s default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed Discourse\u0027s default Content Security Policy have allowed for moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph",
              "refsource": "CONFIRM",
              "url": "https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-xhmc-9jwm-wqph",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-39161",
    "datePublished": "2021-08-26T20:00:11",
    "dateReserved": "2021-08-16T00:00:00",
    "dateUpdated": "2024-08-04T01:58:18.168Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.8\", \"matchCriteriaId\": \"2A85C6E2-A78D-47B2-AE03-A12AE6A2E8BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:discourse:discourse:2.8.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E7F8AC4-35D1-45E5-8A3A-B0205000A5D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:discourse:discourse:2.8.0:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9AE12FE-0396-4843-8D30-D8C44FAE01DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:discourse:discourse:2.8.0:beta3:*:*:*:*:*:*\", \"matchCriteriaId\": \"F101AEAB-4FB7-4BE3-931B-595702D616C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:discourse:discourse:2.8.0:beta4:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6878B7F-2691-4D3F-8116-CB282FDAAAC7\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse\u0027s default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed Discourse\u0027s default Content Security Policy have allowed for moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.\"}, {\"lang\": \"es\", \"value\": \"Discourse es una plataforma de c\\u00f3digo abierto para el debate comunitario. En las versiones afectadas los nombres de las categor\\u00edas pueden ser usados para ataques de tipo Cross-site scripting (XSS). Esto es mitigado por la Pol\\u00edtica de Seguridad de Contenidos por predeterminada de Discourse y esta vulnerabilidad s\\u00f3lo afecta a los sitios que han modificado o deshabilitado o cambiado la Pol\\u00edtica de Seguridad de Contenidos predeterminada de Discourse han permitido a los moderadores modificar las categor\\u00edas. Este problema est\\u00e1 parcheado en las \\u00faltimas versiones estables, beta y de prueba de Discourse. Se aconseja a usuarios que se aseguren de que la Pol\\u00edtica de Seguridad de Contenidos est\\u00e1 habilitada y no ha sido modificada de forma que sea m\\u00e1s vulnerable a los ataques de tipo XSS.\"}]",
      "id": "CVE-2021-39161",
      "lastModified": "2024-11-21T06:18:45.420",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 4.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.3, \"impactScore\": 2.7}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:S/C:N/I:P/A:N\", \"baseScore\": 2.1, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2021-08-26T20:15:07.463",
      "references": "[{\"url\": \"https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-39161\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2021-08-26T20:15:07.463\",\"lastModified\":\"2024-11-21T06:18:45.420\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse\u0027s default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed Discourse\u0027s default Content Security Policy have allowed for moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.\"},{\"lang\":\"es\",\"value\":\"Discourse es una plataforma de c\u00f3digo abierto para el debate comunitario. En las versiones afectadas los nombres de las categor\u00edas pueden ser usados para ataques de tipo Cross-site scripting (XSS). Esto es mitigado por la Pol\u00edtica de Seguridad de Contenidos por predeterminada de Discourse y esta vulnerabilidad s\u00f3lo afecta a los sitios que han modificado o deshabilitado o cambiado la Pol\u00edtica de Seguridad de Contenidos predeterminada de Discourse han permitido a los moderadores modificar las categor\u00edas. Este problema est\u00e1 parcheado en las \u00faltimas versiones estables, beta y de prueba de Discourse. Se aconseja a usuarios que se aseguren de que la Pol\u00edtica de Seguridad de Contenidos est\u00e1 habilitada y no ha sido modificada de forma que sea m\u00e1s vulnerable a los ataques de tipo XSS.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.3,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:S/C:N/I:P/A:N\",\"baseScore\":2.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.8\",\"matchCriteriaId\":\"2A85C6E2-A78D-47B2-AE03-A12AE6A2E8BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:2.8.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E7F8AC4-35D1-45E5-8A3A-B0205000A5D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:2.8.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9AE12FE-0396-4843-8D30-D8C44FAE01DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:2.8.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F101AEAB-4FB7-4BE3-931B-595702D616C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:2.8.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6878B7F-2691-4D3F-8116-CB282FDAAAC7\"}]}]}],\"references\":[{\"url\":\"https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

FKIE_CVE-2021-39161

Vulnerability from fkie_nvd - Published: 2021-08-26 20:15 - Updated: 2024-11-21 06:18

Severity ?

4.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph	Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph	Third Party Advisory

Impacted products

Vendor	Product	Version
discourse	discourse	*
discourse	discourse	2.8.0
discourse	discourse	2.8.0
discourse	discourse	2.8.0
discourse	discourse	2.8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A85C6E2-A78D-47B2-AE03-A12AE6A2E8BD",
              "versionEndExcluding": "2.7.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "9E7F8AC4-35D1-45E5-8A3A-B0205000A5D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "B9AE12FE-0396-4843-8D30-D8C44FAE01DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "F101AEAB-4FB7-4BE3-931B-595702D616C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "F6878B7F-2691-4D3F-8116-CB282FDAAAC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse\u0027s default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed Discourse\u0027s default Content Security Policy have allowed for moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks."
    },
    {
      "lang": "es",
      "value": "Discourse es una plataforma de c\u00f3digo abierto para el debate comunitario. En las versiones afectadas los nombres de las categor\u00edas pueden ser usados para ataques de tipo Cross-site scripting (XSS). Esto es mitigado por la Pol\u00edtica de Seguridad de Contenidos por predeterminada de Discourse y esta vulnerabilidad s\u00f3lo afecta a los sitios que han modificado o deshabilitado o cambiado la Pol\u00edtica de Seguridad de Contenidos predeterminada de Discourse han permitido a los moderadores modificar las categor\u00edas. Este problema est\u00e1 parcheado en las \u00faltimas versiones estables, beta y de prueba de Discourse. Se aconseja a usuarios que se aseguren de que la Pol\u00edtica de Seguridad de Contenidos est\u00e1 habilitada y no ha sido modificada de forma que sea m\u00e1s vulnerable a los ataques de tipo XSS."
    }
  ],
  "id": "CVE-2021-39161",
  "lastModified": "2024-11-21T06:18:45.420",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 2.7,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-08-26T20:15:07.463",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2021-39161

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-39161

Aliases

CVE-2021-39161

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-39161",
    "description": "Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse\u0027s default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed Discourse\u0027s default Content Security Policy have allowed for moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.",
    "id": "GSD-2021-39161"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-39161"
      ],
      "details": "Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse\u0027s default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed Discourse\u0027s default Content Security Policy have allowed for moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.",
      "id": "GSD-2021-39161",
      "modified": "2023-12-13T01:23:16.184876Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2021-39161",
        "STATE": "PUBLIC",
        "TITLE": "Cross-site scripting via category name in Discourse"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "discourse",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003c 2.7.8 "
                        },
                        {
                          "version_value": "\u003e= 2.8.0.beta1, \u003c 2.8.0.beta4"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "discourse"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse\u0027s default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed Discourse\u0027s default Content Security Policy have allowed for moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph",
            "refsource": "CONFIRM",
            "url": "https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-xhmc-9jwm-wqph",
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.7.8",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:discourse:discourse:2.8.0:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:discourse:discourse:2.8.0:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:discourse:discourse:2.8.0:beta3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:discourse:discourse:2.8.0:beta4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-39161"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse\u0027s default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed Discourse\u0027s default Content Security Policy have allowed for moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.3,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2021-09-01T16:58Z",
      "publishedDate": "2021-08-26T20:15Z"
    }
  }
}

CNVD-2021-100594

Vulnerability from cnvd - Published: 2021-12-17

Title

Discourse跨站脚本漏洞（CNVD-2021-100594）

Description

Discourse是一套开源的社区讨论平台。该平台包括社区、电子邮件和聊天室等功能。 Discourse存在跨站脚本漏洞，攻击者可利用该漏洞进行XSS攻击。

Severity

低

Patch Name

Discourse跨站脚本漏洞（CNVD-2021-100594）的补丁

Patch Description

Discourse是一套开源的社区讨论平台。该平台包括社区、电子邮件和聊天室等功能。 Discourse存在跨站脚本漏洞，攻击者可利用该漏洞进行XSS攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph

Reference

https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph

Impacted products

Name
Discourse Discourse

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-39161",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-39161"
    }
  },
  "description": "Discourse\u662f\u4e00\u5957\u5f00\u6e90\u7684\u793e\u533a\u8ba8\u8bba\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u5305\u62ec\u793e\u533a\u3001\u7535\u5b50\u90ae\u4ef6\u548c\u804a\u5929\u5ba4\u7b49\u529f\u80fd\u3002\n\nDiscourse\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdb\u884cXSS\u653b\u51fb\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-100594",
  "openTime": "2021-12-17",
  "patchDescription": "Discourse\u662f\u4e00\u5957\u5f00\u6e90\u7684\u793e\u533a\u8ba8\u8bba\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u5305\u62ec\u793e\u533a\u3001\u7535\u5b50\u90ae\u4ef6\u548c\u804a\u5929\u5ba4\u7b49\u529f\u80fd\u3002\r\n\r\nDiscourse\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdb\u884cXSS\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Discourse\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2021-100594\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Discourse Discourse"
  },
  "referenceLink": "https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph",
  "serverity": "\u4f4e",
  "submitTime": "2021-09-03",
  "title": "Discourse\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2021-100594\uff09"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-39161 (GCVE-0-2021-39161)

FKIE_CVE-2021-39161

GSD-2021-39161

CNVD-2021-100594

Tags

Sightings

Nomenclature