CVE-2017-17092 - OpenCVE

wp-includes/functions.php in WordPress before 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote attackers to conduct XSS attacks via a crafted file.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Wordpress	Wordpress

Configuration 1 [-]

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/102024
https://codex.wordpress.org/Version_4.9.1
https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
https://lists.debian.org/debian-lts-announce/2017/12/msg00019.html
https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
https://wpvulndb.com/vulnerabilities/8966
https://www.debian.org/security/2018/dsa-4090

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-12-02T06:00:00

Updated: 2024-08-05T20:43:59.612Z

Reserved: 2017-12-02T00:00:00

Link: CVE-2017-17092

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2017-12-02T06:29:00.270

Modified: 2019-04-26T15:19:00.647

Link: CVE-2017-17092

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-12-02T00:00:00", "descriptions": [{"lang": "en", "value": "wp-includes/functions.php in WordPress before 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote attackers to conduct XSS attacks via a crafted file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-02-02T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "DSA-4090", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4090"}, {"name": "[debian-lts-announce] 20171221 [SECURITY] [DLA 1216-1] wordpress security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00019.html"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509"}, {"name": "102024", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/102024"}, {"tags": ["x_refsource_MISC"], "url": "https://codex.wordpress.org/Version_4.9.1"}, {"tags": ["x_refsource_MISC"], "url": "https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/"}, {"tags": ["x_refsource_MISC"], "url": "https://wpvulndb.com/vulnerabilities/8966"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-17092", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "wp-includes/functions.php in WordPress before 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote attackers to conduct XSS attacks via a crafted file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-4090", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4090"}, {"name": "[debian-lts-announce] 20171221 [SECURITY] [DLA 1216-1] wordpress security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00019.html"}, {"name": "https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509", "refsource": "MISC", "url": "https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509"}, {"name": "102024", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102024"}, {"name": "https://codex.wordpress.org/Version_4.9.1", "refsource": "MISC", "url": "https://codex.wordpress.org/Version_4.9.1"}, {"name": "https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/", "refsource": "MISC", "url": "https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/"}, {"name": "https://wpvulndb.com/vulnerabilities/8966", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/8966"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T20:43:59.612Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-4090", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4090"}, {"name": "[debian-lts-announce] 20171221 [SECURITY] [DLA 1216-1] wordpress security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00019.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509"}, {"name": "102024", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/102024"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://codex.wordpress.org/Version_4.9.1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wpvulndb.com/vulnerabilities/8966"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-17092", "datePublished": "2017-12-02T06:00:00", "dateReserved": "2017-12-02T00:00:00", "dateUpdated": "2024-08-05T20:43:59.612Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "matchCriteriaId": "8FA2AAEC-F362-4B60-B814-F77AB2636E3A", "versionEndExcluding": "4.9.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "wp-includes/functions.php in WordPress before 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote attackers to conduct XSS attacks via a crafted file."}, {"lang": "es", "value": "wp-includes/functions.php en WordPress en versiones anteriores a la 4.9.1 no necesita la capacidad de unfiltered_html para subir archivos .js, lo que puede permitir que los atacantes remotos realicen ataques Cross-Site Scripting (XSS) mediante un archivo manipulado."}], "id": "CVE-2017-17092", "lastModified": "2019-04-26T15:19:00.647", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-12-02T06:29:00.270", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/102024"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Patch", "Vendor Advisory"], "url": "https://codex.wordpress.org/Version_4.9.1"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00019.html"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://wpvulndb.com/vulnerabilities/8966"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4090"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}