CVE-2021-41156

{"id": "CVE-2021-41156", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 2.3}]}, "published": "2021-10-18T21:15:08.547", "references": [{"url": "https://github.com/anuko/timetracker/security/advisories/GHSA-g9cc-m4p4-6xpc", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "anuko/timetracker is an, open source time tracking system. In affected versions Time Tracker uses browser_today hidden control on a few pages to collect the today's date from user browsers. Because of not checking this parameter for sanity in versions prior to 1.19.30.5601, it was possible to craft an html form with malicious JavaScript, use social engineering to convince logged on users to execute a POST from such form, and have the attacker-supplied JavaScript to be executed in user's browser. This has been patched in version 1.19.30.5600. Upgrade is recommended. If it is not practical, introduce ttValidDbDateFormatDate function as in the latest version and add a call to it within the access checks block."}, {"lang": "es", "value": "anuko/timetracker es un sistema de seguimiento de tiempo de c\u00f3digo abierto. En las versiones afectadas Time Tracker usa el control oculto browser_today en algunas p\u00e1ginas para recoger la fecha de hoy de los navegadores de los usuarios. Debido a que no era comprobada el saneo de este par\u00e1metro en las versiones anteriores a 1.19.30.5601, era posible dise\u00f1ar un formulario html con JavaScript malicioso, usar la ingenier\u00eda social para convencer a usuarios registrados de que ejecutaran un POST desde dicho formulario y hacer que el JavaScript suministrado por el atacante sea ejecutado en el navegador del usuario. Esto ha sido parcheado en la versi\u00f3n 1.19.30.5600. Se recomienda la actualizaci\u00f3n. Si no es pr\u00e1ctico, introduzca la funci\u00f3n ttValidDbDateFormatDate como en la \u00faltima versi\u00f3n y a\u00f1ada una llamada a ella dentro del bloque de comprobaci\u00f3n de acceso"}], "lastModified": "2021-10-22T16:15:05.113", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:timetracker_project:timetracker:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D02C4869-D43E-45E0-814A-000F77A76BCD", "versionEndExcluding": "1.19.30.5601"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}