CVE-2023-45280

Yamcs 5.8.6 allows XSS (issue 2 of 2). It comes with a Bucket as its primary storage mechanism. Buckets allow for the upload of any file. There's a way to upload an HTML file containing arbitrary JavaScript and then navigate to it. Once the user opens the file, the browser will execute the arbitrary JavaScript.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/yamcs/yamcs/compare/yamcs-5.8.6...yamcs-5.8.7	Patch
https://www.linkedin.com/pulse/yamcs-vulnerability-assessment-visionspace-technologies	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:spaceapplications:yamcs:5.8.6:*:*:*:*:*:*:*

History

25 Oct 2023, 19:05

Type	Values Removed	Values Added
CPE		cpe:2.3:a:spaceapplications:yamcs:5.8.6:::::::*
First Time		Spaceapplications Spaceapplications yamcs
CWE		CWE-79
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.4
References	~~(MISC) https://github.com/yamcs/yamcs/compare/yamcs-5.8.6...yamcs-5.8.7 -~~	(MISC) https://github.com/yamcs/yamcs/compare/yamcs-5.8.6...yamcs-5.8.7 - Patch
References	~~(MISC) https://www.linkedin.com/pulse/yamcs-vulnerability-assessment-visionspace-technologies -~~	(MISC) https://www.linkedin.com/pulse/yamcs-vulnerability-assessment-visionspace-technologies - Exploit, Third Party Advisory

19 Oct 2023, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-10-19 22:15

Updated : 2023-12-10 15:14

NVD link : CVE-2023-45280

Mitre link : CVE-2023-45280

CVE.ORG link : CVE-2023-45280

JSON object : View

Products Affected

spaceapplications

yamcs

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

5.4 /10