CVE-2018-1000874 - OpenCVE

PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in all distributed parsers allowing a malicious crafted script to be executed that can result in the lose of user data and sensitive user information. This attack can be exploited by crafting a three backtick wrapped payload with a character in front: L: "```<script>alert();</script>```". NOTE: This has been argued as a non-issue (see references) since it is not the parser's job to sanitize malicious code from a parsed document

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cebe	Markdown

Configuration 1 [-]

cpe:2.3:a:cebe:markdown:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/cebe/markdown/issues/166
https://github.com/cebe/markdown/issues/166#issuecomment-508230493

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-12-20T17:00:00

Updated: 2024-08-05T12:47:57.498Z

Reserved: 2018-12-05T00:00:00

Link: CVE-2018-1000874

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-12-20T17:29:00.957

Modified: 2024-08-05T13:15:40.893

Link: CVE-2018-1000874

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2018-12-19T00:00:00", "datePublic": "2018-12-20T00:00:00", "descriptions": [{"lang": "en", "value": "PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in all distributed parsers allowing a malicious crafted script to be executed that can result in the lose of user data and sensitive user information. This attack can be exploited by crafting a three backtick wrapped payload with a character in front: L: \"```<script>alert();</script>```\". NOTE: This has been argued as a non-issue (see references) since it is not the parser's job to sanitize malicious code from a parsed document"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-07-08T18:44:46", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/cebe/markdown/issues/166"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/cebe/markdown/issues/166#issuecomment-508230493"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2018-12-19T20:52:45.261247", "DATE_REQUESTED": "2018-12-05T15:20:20", "ID": "CVE-2018-1000874", "REQUESTER": "stayysalty@protonmail.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in all distributed parsers allowing a malicious crafted script to be executed that can result in the lose of user data and sensitive user information. This attack can be exploited by crafting a three backtick wrapped payload with a character in front: L: \"```<script>alert();</script>```\". NOTE: This has been argued as a non-issue (see references) since it is not the parser's job to sanitize malicious code from a parsed document."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/cebe/markdown/issues/166", "refsource": "MISC", "url": "https://github.com/cebe/markdown/issues/166"}, {"name": "https://github.com/cebe/markdown/issues/166#issuecomment-508230493", "refsource": "MISC", "url": "https://github.com/cebe/markdown/issues/166#issuecomment-508230493"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:47:57.498Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/cebe/markdown/issues/166"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/cebe/markdown/issues/166#issuecomment-508230493"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-1000874", "datePublished": "2018-12-20T17:00:00", "dateReserved": "2018-12-05T00:00:00", "dateUpdated": "2024-08-05T12:47:57.498Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cebe:markdown:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F59E405-8117-4402-B0EC-F246785DC7BA", "versionEndIncluding": "1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in all distributed parsers allowing a malicious crafted script to be executed that can result in the lose of user data and sensitive user information. This attack can be exploited by crafting a three backtick wrapped payload with a character in front: L: \"```<script>alert();</script>```\". NOTE: This has been argued as a non-issue (see references) since it is not the parser's job to sanitize malicious code from a parsed document"}, {"lang": "es", "value": "** EN DISPUTA ** PHP cebe markdown parser, en versiones 1.2.0 y anteriores, contiene una vulnerabilidad Cross-Site Scripting (XSS) en todos los analizadores distribuidos que permite que un script maliciosamente manipulado se ejecute, lo que resulta en la p\u00e9rdida de datos y de informaci\u00f3n sensible del usuario. Este ataque puede explotarse manipulando una carga \u00fatil envuelta en tres acentos graves con un car\u00e1cter delante: L: \"``````\". NOTA: Esto se ha argumentado como un no-problema (ver referencias) ya que no es tarea del analizador sanear el c\u00f3digo malicioso de un documento analizado."}], "id": "CVE-2018-1000874", "lastModified": "2024-08-05T13:15:40.893", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-12-20T17:29:00.957", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://github.com/cebe/markdown/issues/166"}, {"source": "cve@mitre.org", "url": "https://github.com/cebe/markdown/issues/166#issuecomment-508230493"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}