CVE-2020-7680
Published: 2020-07-20
Priority P341 · medium · 6.1 (CVSS 3.1)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EXPLOIT
EPSS: 4.50% (90.3th percentile)
docsify prior to 4.11.4 is susceptible to Cross-site Scripting (XSS). Docsify.js uses fragment identifiers (the parameters after the # sign) to load resources from server-side .md files. Due to a lack of validation here, it is possible to provide external URLs after the /#/ (domain.com/#//attacker.com) and render arbitrary JavaScript/HTML inside the docsify page.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | nifi | — | — |
| docsifyjs | docsify | < 4.11.4 | 4.11.4 |
| docsifyjs | docsify | < 4.12.0 | 4.12.0 |
| docsifyjs | docsify | >= 0 < 4.11.4 | 4.11.4 |
| docsifyjs | docsify | >= 0 < 4.12.0 | 4.12.0 |
| docsifyjs | docsify | >= unspecified < 4.12.0 | 4.12.0 |
CVSS provenance
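| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| ghsa | — | 6.1 | MEDIUM | — |
| osv | — | 6.1 | MEDIUM | — |
| vendor_apache | — | 5.5 | LOW | — |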
GHSA
Cross-site Scripting in docsify
ghsa·2021-05-18
CVE-2020-7680 [MEDIUM] CWE-79 Cross-site Scripting in docsify
OSV
Cross-site Scripting in docsify
osv·2021-05-18
CVE-2020-7680 [MEDIUM] Cross-site Scripting in docsify
OSV
Docsify XSS Vulnerability
osv·2021-03-01·CVSS 6.1
CVE-2021-23342 [MEDIUM] Docsify XSS Vulnerability
This affects the package docsify before 4.12.0. It is possible to bypass the remediation done for CVE-2020-7680 and execute malicious JavaScript through the following methods: 1) When parsing HTML from remote URLs, the HTML code on the main page is sanitized, but this sanitization does not take place in the sidebar. 2) The isURL external check can be bypassed by inserting more `////` characters.
GHSA
Docsify XSS Vulnerability
ghsa·2021-03-01·CVSS 6.1
CVE-2021-23342 [MEDIUM] CWE-79 Docsify XSS Vulnerability
Apache
Apache nifi: CVE-2020-13940
vendor_apache·CVSS 5.5
CVE-2020-13940 [LOW] Apache nifi: CVE-2020-13940
Title: Potential Information Disclosure through XML External Entity Resolution in Notification Service
Published: 2020-08-18
Severity: Low
Products: Apache NiFi
Affected Versions: 1.0.0 to 1.11.4
Fixed Versions: 1.12.0
Reporter: Matt Burgess and Andy LoPresto
References:
CVE Record: CVE-2020-13940
NVD Record: CVE-2020-13940
Apache Jira Issue: NIFI-7680
GitHub Pull Request: 4436

The notification service manager and various policy authorizer and user group provider objects allowed trusted administrators to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services through XML External Entity resolution. NiFi 1.12.0 introduced an XML validator to prevent malicious code from being parsed and executed. Use
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/158515/Docsify.js-4.11.4-Cross-Site-Scripting.html
http://packetstormsecurity.com/files/161495/docsify-4.11.6-Cross-Site-Scripting.html
http://seclists.org/fulldisclosure/2021/Feb/71
https://github.com/docsifyjs/docsify/issues/1126
https://github.com/docsifyjs/docsify/pull/1128
https://snyk.io/vuln/SNYK-JS-DOCSIFY-567099