CVE-2018-1000670 - OpenCVE

KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (up until 17.05.05) contains a Cross Site Scripting (XSS) vulnerability in Multiple fields on multiple pages including /cgi-bin/koha/acqui/supplier.pl?op=enter , /cgi-bin/koha/circ/circulation.pl?borrowernumber=[number] , /cgi-bin/koha/serials/subscription-add.pl that can result in Privilege escalation by taking control of higher privileged users browser sessions. This attack appear to be exploitable via Victims must be socially engineered to visit a vulnerable webpage containing malicious payload. This vulnerability appears to have been fixed in 17.11.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Koha	Koha

Configuration 1 [-]

OR	cpe:2.3:a:koha:koha::::::::
	cpe:2.3:a:koha:koha::::::::

No data.

References

Link	Providers
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19086

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-09-06T19:00:00Z

Updated: 2024-09-16T16:18:56.437Z

Reserved: 2018-09-06T00:00:00Z

Link: CVE-2018-1000670

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-09-06T19:29:00.627

Modified: 2018-11-07T18:39:36.173

Link: CVE-2018-1000670

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2018-09-03T00:00:00", "descriptions": [{"lang": "en", "value": "KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (up until 17.05.05) contains a Cross Site Scripting (XSS) vulnerability in Multiple fields on multiple pages including /cgi-bin/koha/acqui/supplier.pl?op=enter , /cgi-bin/koha/circ/circulation.pl?borrowernumber=[number] , /cgi-bin/koha/serials/subscription-add.pl that can result in Privilege escalation by taking control of higher privileged users browser sessions. This attack appear to be exploitable via Victims must be socially engineered to visit a vulnerable webpage containing malicious payload. This vulnerability appears to have been fixed in 17.11."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-06T19:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19086"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2018-09-03T16:07:16.980429", "DATE_REQUESTED": "2018-08-24T17:52:47", "ID": "CVE-2018-1000670", "REQUESTER": "jiakyooi95@hotmail.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (up until 17.05.05) contains a Cross Site Scripting (XSS) vulnerability in Multiple fields on multiple pages including /cgi-bin/koha/acqui/supplier.pl?op=enter , /cgi-bin/koha/circ/circulation.pl?borrowernumber=[number] , /cgi-bin/koha/serials/subscription-add.pl that can result in Privilege escalation by taking control of higher privileged users browser sessions. This attack appear to be exploitable via Victims must be socially engineered to visit a vulnerable webpage containing malicious payload. This vulnerability appears to have been fixed in 17.11."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19086", "refsource": "CONFIRM", "url": "https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19086"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:40:47.953Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19086"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-1000670", "datePublished": "2018-09-06T19:00:00Z", "dateReserved": "2018-09-06T00:00:00Z", "dateUpdated": "2024-09-16T16:18:56.437Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:koha:koha:*:*:*:*:*:*:*:*", "matchCriteriaId": "3248F696-8686-4093-94DE-2D30EBE76239", "versionEndIncluding": "16.11.13", "versionStartIncluding": "16.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:koha:koha:*:*:*:*:*:*:*:*", "matchCriteriaId": "20CF4C18-0421-40BA-BAFD-712040BE657A", "versionEndIncluding": "17.05.05", "versionStartIncluding": "17.05.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (up until 17.05.05) contains a Cross Site Scripting (XSS) vulnerability in Multiple fields on multiple pages including /cgi-bin/koha/acqui/supplier.pl?op=enter , /cgi-bin/koha/circ/circulation.pl?borrowernumber=[number] , /cgi-bin/koha/serials/subscription-add.pl that can result in Privilege escalation by taking control of higher privileged users browser sessions. This attack appear to be exploitable via Victims must be socially engineered to visit a vulnerable webpage containing malicious payload. This vulnerability appears to have been fixed in 17.11."}, {"lang": "es", "value": "KOHA Library System en versiones 16.11.x (hasta la 16.11.13) y versiones 17.05.x (hasta la 17.05.05) contiene una vulnerabilidad Cross-Site Scripting (XSS) en m\u00faltiples campos de m\u00faltiples p\u00e1ginas, incluyendo /cgi-bin/koha/acqui/supplier.pl?op=enter, /cgi-bin/koha/circ/circulation.pl?borrowernumber=[number] y /cgi-bin/koha/serials/subscription-add.pl. Esto puede resultar en un escalado de privilegios obteniendo el control de las sesiones de navegaci\u00f3n de usuarios con mayores privilegios. El ataque parece ser explotable si la v\u00edctima es enga\u00f1ada mediante ingenier\u00eda social para que visite una p\u00e1gina web vulnerable que contiene una carga \u00fatil maliciosa. La vulnerabilidad parece haber sido solucionada en la versi\u00f3n 17.11."}], "id": "CVE-2018-1000670", "lastModified": "2018-11-07T18:39:36.173", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-06T19:29:00.627", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19086"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}