CVE-2020-4047Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in Wordpress

CWE-80Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)6 documents4 sources
Severity
6.8MEDIUMNVD
EPSS
5.6%
top 9.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
WordpressDebian WordpressWordpress Wordpress-develop+2 more
Timeline
PublishedJun 12
Latest updateJun 18

Description

In affected versions of WordPress, authenticated users with upload permissions (like authors) are able to inject JavaScript into some media file attachment pages in a certain way. This can lead to script execution in the context of a higher privileged user when the file is viewed by them. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31,

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:NExploitability: 2.3 | Impact: 4.0

Affected Packages4 packages

debiandebian/wordpress< wordpress 5.4.2+dfsg1-1 (bookworm)
NVDwordpress/wordpress3.73.7.34+17
Debianwordpress/wordpress< 5.4.2+dfsg1-1+3
CVEListV5wordpress/wordpress-develop18 versions+17

Also affects: Debian Linux 10.0, 8.0, 9.0, Fedora 32, 33

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

1
OSV
CVE-2020-4047: In affected versions of WordPress, authenticated users with upload permissions (like authors) are able to inject JavaScript into some media file attac2020-06-12

📋Vendor Advisories

1
Debian
CVE-2020-4047: wordpress - In affected versions of WordPress, authenticated users with upload permissions (...2020

💬Community

3
Bugzilla
CVE-2020-4047 wordpress: authenticated XSS via media attachment page [epel-all]2020-06-18
Bugzilla
CVE-2020-4047 wordpress: authenticated XSS via media attachment page2020-06-18
Bugzilla
CVE-2020-4047 wordpress: authenticated XSS via media attachment page [fedora-all]2020-06-18