Vulnerability Details : CVE-2019-20436
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. If a claim dialect is configured with an XSS payload in its dialect URI, and a user then selects that dialect's URI and adds it as the service provider claim dialect while configuring the service provider, the payload is executed in the user's browser. The attacker also needs privileges to log in to the management console and to add and configure claim dialects.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2019-20436
- cpe:2.3:a:wso2:identity_server:5.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:identity_server:5.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:api_manager:2.6.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-20436
- EPSS score: 0.14% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~50% (the proportion of vulnerabilities scored at or below this score)
CVSS scores for CVE-2019-20436
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N | 8.6 | 2.9 | NIST | |
6.1 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 | MITRE | |
6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 | NIST | |
CWE ids for CVE-2019-20436
- The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-20436
- https://cybersecurityworks.com/zerodays/cve-2019-20436-wso2.html (CVE-2019-20436 - Stored Cross-Site Scripting (XSS) in WSO2 Product; Exploit; Third Party Advisory)
- https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0634 (Security Advisory WSO2-2019-0634 - WSO2 Platform Security - WSO2 Documentation; Vendor Advisory)
- https://github.com/cybersecurityworks/Disclosed/issues/19 (Stored Cross Site Scripting (XSS) in WSO2 Product (WSO2 Identity Server version 5.7.0) · Issue #19 · cybersecurityworks/Disclosed; Exploit; Third Party Advisory)