FKIE_CVE-2020-8985
Vulnerability from fkie_nvd - Published: 2020-03-24 21:15 - Updated: 2024-11-21 05:39
Severity ?
Summary
ZendTo prior to 5.22-2 Beta allowed reflected XSS and CSRF via the unlock.tpl unlock user functionality.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://zend.to/changelog.php | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://zend.to/changelog.php | Release Notes, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zend:zendto:3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9E510C95-DB58-4000-A755-306D8A13A05E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2E97FAC5-C21A-49FA-B97F-4F1C81E03A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EA65A67E-C0DD-477C-A3F2-D40D20875BDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "F74E1CB4-B3BC-48FF-A4E1-172D7FDD02BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "91A76CC3-7D8E-4CE1-AC2E-AE6ACF6E9456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "0EF5C019-8243-462C-A632-449847A454A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.52:*:*:*:*:*:*:*",
"matchCriteriaId": "824FC1B4-2F96-43E7-B759-4C20B871AE9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E2AF484D-2783-467F-B8F2-958ABC163984",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.54:*:*:*:*:*:*:*",
"matchCriteriaId": "0070A0EA-5054-4A80-933C-30E657F20901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.55:*:*:*:*:*:*:*",
"matchCriteriaId": "62C30A2D-A079-4727-9392-F6B098AE0D0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.56-2:*:*:*:*:*:*:*",
"matchCriteriaId": "D5261340-140A-468D-8042-B85AC1821977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.57:*:*:*:*:*:*:*",
"matchCriteriaId": "46E58AFE-D214-4F7E-A11D-BD7A24FD0F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.58:*:*:*:*:*:*:*",
"matchCriteriaId": "7D90BCAB-3EE1-4A53-8539-9C0B7D3684AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.59:*:*:*:*:*:*:*",
"matchCriteriaId": "85904FF2-1F6F-4EFE-BFF8-D5AB882A0C2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.60:*:*:*:*:*:*:*",
"matchCriteriaId": "D185FFE0-627D-408B-B70E-D75D2707F0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.61:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF8B5D7-AE77-4887-ABC4-A7DDE2467690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.62:*:*:*:*:*:*:*",
"matchCriteriaId": "751C4F79-D60F-4EBE-8655-F10F7252754E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.63:*:*:*:*:*:*:*",
"matchCriteriaId": "F5909E32-7989-4657-BA02-961D4E30B12E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.64:*:*:*:*:*:*:*",
"matchCriteriaId": "E498D1A6-5D52-4689-A9C3-E1A34E87A15E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.65:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5C0B26-5713-47FD-BB10-D8A66FE35844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.70-2:*:*:*:*:*:*:*",
"matchCriteriaId": "854C539A-C9C6-42B8-BE34-9AD10A146B41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.71:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9C6AEF-9BAD-4649-9DFA-56D58B0016AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.72:*:*:*:*:*:*:*",
"matchCriteriaId": "0F031D38-06ED-409C-951E-6F193704FA09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.73:*:*:*:*:*:*:*",
"matchCriteriaId": "A13F2C8D-1F1C-4B5B-B3EA-E612F3F0445E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.74:*:*:*:*:*:*:*",
"matchCriteriaId": "24F9816B-8607-4EC5-ACB5-2C10B3593B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.75:*:*:*:*:*:*:*",
"matchCriteriaId": "333CB7A3-DCDD-41B8-99B9-94094ADBA244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.90:*:*:*:*:*:*:*",
"matchCriteriaId": "817089E0-B795-4155-9C9C-BBD494DD9A8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F6F9D6-EDD4-4EA2-B2CB-155066FE7FA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.92:*:*:*:*:*:*:*",
"matchCriteriaId": "8E9A54C5-1AC1-4D00-9617-0B063232F19F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.93:*:*:*:*:*:*:*",
"matchCriteriaId": "69723F09-27F9-4552-AD4F-4B78A4BA7680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:3.94:*:*:*:*:*:*:*",
"matchCriteriaId": "18DD63D0-8A4D-4497-A208-627A62E2F28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.00:*:*:*:*:*:*:*",
"matchCriteriaId": "E92086FD-7FE7-46E2-9430-87C78A0268AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2D84A13A-C889-4083-8441-1FE743847A3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.02:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB3EF67-4D08-4DDC-B601-5D9F00464694",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.03-3:*:*:*:*:*:*:*",
"matchCriteriaId": "006D7A44-8573-4FF6-BBE7-8C9518E143CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.05-2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA6D16A1-2481-4B47-A0FC-2FCF3153E47C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.06-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5381907E-1341-4884-BC66-40ACEEC8B101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.07-1:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE0C7E6-B806-48E3-9F81-17A0929A4B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.08-4:*:*:*:*:*:*:*",
"matchCriteriaId": "F58C02DF-F24C-46CC-A096-57A24446EB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.09-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E025DC7D-5BF2-4B8D-97E3-6017C53FD82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.10-4:*:*:*:*:*:*:*",
"matchCriteriaId": "91377F42-3AE7-465C-AF97-13F5E3062A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.10-5:*:*:*:*:*:*:*",
"matchCriteriaId": "9D84D638-9921-45CD-961E-3DBC20516767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-1:*:*:*:*:*:*:*",
"matchCriteriaId": "9BB5D444-17B1-4A66-AC98-9C9A85355310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5F369D9-56FB-41F1-8D45-3565EBA98FF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-3:*:*:*:*:*:*:*",
"matchCriteriaId": "97AAD0F3-C54A-4DFB-9C72-BACE392AB30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-4:*:*:*:*:*:*:*",
"matchCriteriaId": "289CB602-06A2-4DF7-B9DC-BAFD7FC1FEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-5:*:*:*:*:*:*:*",
"matchCriteriaId": "81C93EF8-1189-49E9-AB98-58BA79E04F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-7:*:*:*:*:*:*:*",
"matchCriteriaId": "56B8A398-4A25-4C5B-95C8-7EE48FE72406",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-8:*:*:*:*:*:*:*",
"matchCriteriaId": "5E93F880-9636-4D19-9EF9-D24EF990635D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-9:*:*:*:*:*:*:*",
"matchCriteriaId": "674611D3-EAB1-45AC-BD2A-890BDE07A57E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-10:*:*:*:*:*:*:*",
"matchCriteriaId": "1620FA37-B729-43E5-B9C8-3D958EA09FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-11:*:*:*:*:*:*:*",
"matchCriteriaId": "0D94AE99-BBA4-47CA-973D-FB1DEE759ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-12:*:*:*:*:*:*:*",
"matchCriteriaId": "AB110DEC-24EF-403D-99A3-B1F1A8E13E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-13:*:*:*:*:*:*:*",
"matchCriteriaId": "55EB5A87-5929-45AB-9F58-CC769ED870A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.11-14:*:*:*:*:*:*:*",
"matchCriteriaId": "C29073D1-B17D-4E96-8F6A-D3164B4713CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.12-5:*:*:*:*:*:*:*",
"matchCriteriaId": "E9323C16-298F-4D0D-AF66-B1949B1D79B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.12-6:*:*:*:*:*:*:*",
"matchCriteriaId": "850FEDEE-0069-4D30-B3D0-92248EA2E24A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.13-1:*:*:*:*:*:*:*",
"matchCriteriaId": "413B0DBE-05C2-44A5-BD33-2D9772B17D70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.20-2:*:*:*:*:*:*:*",
"matchCriteriaId": "F77D045B-66B7-46A4-9CF1-0F4E7BABF58D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.20-3:*:*:*:*:*:*:*",
"matchCriteriaId": "F68017AA-9F66-46A1-9D50-8C9A3A94374A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.20-5:*:*:*:*:*:*:*",
"matchCriteriaId": "099D0807-8BD2-4F35-9479-EDDF4CE51891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.20-6:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF216D1-3FAF-4526-A0E1-C64301CF6A03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.20-7:*:*:*:*:*:*:*",
"matchCriteriaId": "A6935891-556C-4C03-BE9C-1F9A8DF700F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.25-3:*:*:*:*:*:*:*",
"matchCriteriaId": "D665C6C3-FCF5-406D-8C2F-1299BB5603DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.27-1:*:*:*:*:*:*:*",
"matchCriteriaId": "33B4056A-418D-4E89-B0B2-D49C1FE965DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.27-2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D04D9A6-D588-4393-975D-94C1C319B16E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.27-4:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5B93CC-63DB-4353-B74A-685EDB9C13DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.27-5:*:*:*:*:*:*:*",
"matchCriteriaId": "430E2A0D-A373-445D-9F46-BEF04A7D87A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.27-6:*:*:*:*:*:*:*",
"matchCriteriaId": "69B503FF-B49E-4C0B-ACAC-C83BEBDD272E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.27-7:*:*:*:*:*:*:*",
"matchCriteriaId": "D22FE479-1DC5-47F6-8D53-3D1EEC0F171C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.28-1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B4CD3A-E4F7-4C8F-92A2-527F6195ECDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:4.28-2:*:*:*:*:*:*:*",
"matchCriteriaId": "75C68607-4DA3-4FFB-9DA0-2D113E6C3E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.00-1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7978E32-1102-41C0-9C40-9C5669358572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.00-2:*:*:*:*:*:*:*",
"matchCriteriaId": "59BCFB48-9532-44C9-BD29-697F75CDF226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.01-5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9A93AE-9756-495B-8DB5-81517DB4CBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.02-5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DA0E72-AC39-49C2-A943-9A7560B6FD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.03-1:*:*:*:*:*:*:*",
"matchCriteriaId": "6920B83A-227A-4589-A079-D770985B57E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.04-7:*:*:*:*:*:*:*",
"matchCriteriaId": "D00D2212-C33D-4E3E-B63A-6D847AA46227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.09-13:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C3C582-C753-4C79-8C43-908CAEE4A10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E23015E-6261-4264-995F-04E717D0E45D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.10-2:*:*:*:*:*:*:*",
"matchCriteriaId": "71DB7AF2-42DF-427B-8967-9DF5B4A3221B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.11-1:*:*:*:*:*:*:*",
"matchCriteriaId": "150EDCA8-AC17-4BB7-ACAD-E0565A6171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.11-2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E16EF78-72CB-451F-9620-4A352B55686A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.11-3:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA77357-1521-4128-9945-F80E17C90622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.11-4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A6B52D-8DD1-4F07-AB59-A3F4EF7A1CBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.11-5:*:*:*:*:*:*:*",
"matchCriteriaId": "139F1C8D-EDB5-4A6B-BBBA-B6B5E757AA67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.11-6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE87246E-983B-4C57-B5F6-09FE7233314D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.12-3:beta:*:*:*:*:*:*",
"matchCriteriaId": "A7DBA217-6D72-4EF7-8EDC-51652DBFB337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.12-4:beta:*:*:*:*:*:*",
"matchCriteriaId": "FE8A676F-A14B-438D-B29B-73E17FD5783D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.12-6:beta:*:*:*:*:*:*",
"matchCriteriaId": "C245AEA9-318D-4332-8C60-BAC905D2851C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.12-7:beta:*:*:*:*:*:*",
"matchCriteriaId": "DB518734-89A0-4013-BA78-DAED57D08E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.12-8:beta:*:*:*:*:*:*",
"matchCriteriaId": "DBFEF7A1-B8FA-4E8E-84E7-A10F62608560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.13-1:*:*:*:*:*:*:*",
"matchCriteriaId": "94EB2416-213E-411A-9C6E-EF7746BB126A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.13-2:*:*:*:*:*:*:*",
"matchCriteriaId": "0259E131-F884-4D03-B040-FF2F10618E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.14-2:beta:*:*:*:*:*:*",
"matchCriteriaId": "1EE99612-3D07-454D-9464-12CB4871B45B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.14-5:beta:*:*:*:*:*:*",
"matchCriteriaId": "B4A84EFD-E355-40D8-BBC5-07B6BDF2634E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.15-1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E98E206-DC52-48F3-9C7A-66AD986E2B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.16-1:beta:*:*:*:*:*:*",
"matchCriteriaId": "11804D32-D5AB-4D1D-8AA0-C882EE3C48AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.16-4:beta:*:*:*:*:*:*",
"matchCriteriaId": "B9C353FE-2B25-4979-96F2-2C154DF99147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.16-5:beta:*:*:*:*:*:*",
"matchCriteriaId": "FE383161-CEE6-41AA-B4B8-24C1C2E4207B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.16-7:beta:*:*:*:*:*:*",
"matchCriteriaId": "4986D341-DE24-4D03-8F1E-0DE68F83237E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.16-8:beta:*:*:*:*:*:*",
"matchCriteriaId": "92DA6408-1649-42C2-98F5-027F5FF744AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.16.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "CF3EE8A9-00CF-4682-93BB-80512D3B6A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.17-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFA1A19-337F-4DAD-B567-1A4B10220130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.17-2:*:*:*:*:*:*:*",
"matchCriteriaId": "243A496F-E854-4AE2-85A1-A0EC54CB7D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.17-3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F090ECF-DBFD-460C-B61A-DFCC542649D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.17-4:*:*:*:*:*:*:*",
"matchCriteriaId": "90A4739E-2884-4CEF-9106-DDE1E5CF59FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.17-5:beta:*:*:*:*:*:*",
"matchCriteriaId": "28EAB0A7-359A-401A-A319-54A4D933EBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.17-6:*:*:*:*:*:*:*",
"matchCriteriaId": "3107F8A6-76C7-4F14-84BB-D02DE1F0B8FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.18-1:beta:*:*:*:*:*:*",
"matchCriteriaId": "AA15FA89-A668-4829-8BBE-1C2D444503D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.18-2:beta:*:*:*:*:*:*",
"matchCriteriaId": "65FA2100-286B-46A9-949F-6224E5487BFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.19-1:production:*:*:*:*:*:*",
"matchCriteriaId": "01B43454-DD28-4433-8D01-36835F6E23EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.20-1:beta:*:*:*:*:*:*",
"matchCriteriaId": "B522FAD0-F5ED-4C1A-8F1C-E775E0F1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.20-2:beta:*:*:*:*:*:*",
"matchCriteriaId": "3EDCF613-6ACE-4122-A16E-9DB3D41AA32A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.20-3:beta:*:*:*:*:*:*",
"matchCriteriaId": "03445BE9-536E-4634-9FC0-649CE516D9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.20-5:beta:*:*:*:*:*:*",
"matchCriteriaId": "B34E8184-52EA-4071-880D-8EB331659C54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.20-6:beta:*:*:*:*:*:*",
"matchCriteriaId": "CE17A727-94D0-43A1-B533-54268F9F8EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.20-7:beta:*:*:*:*:*:*",
"matchCriteriaId": "FA985C38-CBB7-4ABA-91C0-628B6AB0DACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.20-8:beta:*:*:*:*:*:*",
"matchCriteriaId": "7AF6F333-912F-41DD-80DD-2308531A12ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.20-9:beta:*:*:*:*:*:*",
"matchCriteriaId": "7DBA6B5B-ED2C-4DBD-96D8-49E60EEFF246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.21-1:production:*:*:*:*:*:*",
"matchCriteriaId": "AA94A3F4-B8BF-4566-B534-4C48A6CB4899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.21-2:production:*:*:*:*:*:*",
"matchCriteriaId": "1B5230E9-F91C-45BA-A429-60966473903F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zendto:5.22-1:beta:*:*:*:*:*:*",
"matchCriteriaId": "6B3847E9-66AA-454D-95DA-FA54E8A4B838",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZendTo prior to 5.22-2 Beta allowed reflected XSS and CSRF via the unlock.tpl unlock user functionality."
},
{
"lang": "es",
"value": "ZendTo versiones anteriores a 5.22-2 Beta, permit\u00eda unos ataques de tipo XSS y CSRF reflejado por medio de la funcionalidad unlock user unlock.tpl."
}
],
"id": "CVE-2020-8985",
"lastModified": "2024-11-21T05:39:46.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-24T21:15:15.473",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://zend.to/changelog.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://zend.to/changelog.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…