Vulnerability Details : CVE-2020-13959
The default error page for VelocityView in Apache Velocity Tools prior to 3.1 reflects back the vm file that was entered as part of the URL. An attacker can set an XSS payload file as this vm file in the URL which results in this payload being executed. XSS vulnerabilities allow attackers to execute arbitrary JavaScript in the context of the attacked website and the attacked user. This can be abused to steal session cookies, perform requests in the name of the victim or for phishing attacks.
Vulnerability category: Cross site scripting (XSS)
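The reflection described above, as an added example that is not code from the Velocity Tools project: a simplified stand-in for the pre-3.1 VelocityView error page beside an HTML-escaped version, plus a non-destructive probe that only checks whether a harmless marker comes back with its angle brackets intact. The exact error-page markup, the marker text and the `probe_live` helper are assumptions made for illustration; the real remediation is upgrading to Velocity Tools 3.1 (or the patched distro package).

```python
import html
import urllib.error
import urllib.request
from urllib.parse import quote, unquote

# Constructed probe: a harmless tag is enough to tell whether the error page
# reflects the path verbatim. No script needs to execute to confirm the bug.
PROBE_MARKER = "<probe-cve-2020-13959>"


def build_probe_path(marker: str = PROBE_MARKER) -> str:
    """Request path for a non-existent .vm template whose name carries the marker."""
    return "/" + quote(marker, safe="") + ".vm"


def vulnerable_error_page(path: str) -> str:
    # Illustrative stand-in for the behaviour described for Velocity Tools < 3.1:
    # the requested path is concatenated into the HTML body unescaped.
    # (Assumed markup, not the project's own source.)
    return (
        "<html><head><title>Error</title></head><body>"
        "<h2>VelocityView : Error processing a template for path '"
        + path
        + "'</h2></body></html>"
    )


def fixed_error_page(path: str) -> str:
    # Hardened form: attacker-controlled text is HTML-escaped before it enters
    # the markup, so '<' becomes '&lt;' and the browser never sees a tag.
    return (
        "<html><head><title>Error</title></head><body>"
        "<h2>VelocityView : Error processing a template for path '"
        + html.escape(path, quote=True)
        + "'</h2></body></html>"
    )


def reflects_unescaped(body: str, marker: str = PROBE_MARKER) -> bool:
    """True if the raw marker (angle brackets intact) appears in a response body."""
    return marker in body


def is_vulnerable(render, marker: str = PROBE_MARKER) -> bool:
    """Drive a page-rendering function with the decoded probe path, as a servlet
    container would, and report whether the marker is reflected unescaped."""
    path = unquote(build_probe_path(marker))
    return reflects_unescaped(render(path), marker)


def probe_live(base_url: str, marker: str = PROBE_MARKER, timeout: float = 5.0) -> bool:
    """Send the probe to a running VelocityView deployment (hypothetical helper;
    only use against systems you are authorised to test). The error page is
    typically returned with an error status, so the HTTPError body is read too."""
    url = base_url.rstrip("/") + build_probe_path(marker)
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            body = resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        body = err.read().decode("utf-8", "replace")
    return reflects_unescaped(body, marker)


if __name__ == "__main__":
    print("probe path:", build_probe_path())
    print("pre-3.1 style page reflects marker:", is_vulnerable(vulnerable_error_page))
    print("escaped page reflects marker:", is_vulnerable(fixed_error_page))
```

The marker approach is deliberately inert: it proves the missing output encoding without running any JavaScript, which is what you want in a scanner or a regression test for your own deployment.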
Products affected by CVE-2020-13959
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:velocity_tools:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-13959
- EPSS score: 0.70% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~80% (the proportion of vulnerabilities scored at or below this one)
CVSS scores for CVE-2020-13959
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N | 8.6 | 2.9 | NIST |
6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 | NIST |
CWE ids for CVE-2020-13959
- The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
  Assigned by:
  - nvd@nist.gov (Primary)
  - security@apache.org (Secondary)
References for CVE-2020-13959
- https://lists.apache.org/thread.html/r97edad0655770342d2d36620fb1de50b142fcd6c4f5c53dd72ca41d7@%3Cuser.velocity.apache.org%3E
  Re: CVE-2020-13959: Velocity Tools XSS Vulnerability - Pony Mail (Mailing List; Vendor Advisory)
- https://lists.apache.org/thread.html/r6802a38c3041059e763a1aadd7b37fe95de75408144b5805e29b84e3%40%3Cuser.velocity.apache.org%3E
  CVE-2020-13959: Velocity Tools XSS Vulnerability - Pony Mail (Mailing List; Vendor Advisory)
- http://www.openwall.com/lists/oss-security/2021/03/10/2
  oss-security - CVE-2020-13959: Velocity Tools XSS Vulnerability (Mailing List; Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2021/03/msg00021.html
  [SECURITY] [DLA 2597-1] velocity-tools security update (Mailing List; Third Party Advisory)
- https://lists.apache.org/thread.html/rb042f3b0090e419cc9f5a3d32cf0baff283ccd6fcb1caea61915d6b6@%3Ccommits.velocity.apache.org%3E
  [velocity-site] 01/01: CVE announcement - Pony Mail (Mailing List; Patch; Vendor Advisory)
- https://security.gentoo.org/glsa/202107-52
  Apache Velocity: Multiple vulnerabilities (GLSA 202107-52) - Gentoo security (Third Party Advisory)
- https://lists.apache.org/thread.html/rf9868c564cff7adfd5283563f2309b93b3e496354a211a57503b2f72@%3Cannounce.apache.org%3E
  CVE-2020-13959: Velocity Tools XSS Vulnerability - Pony Mail (Mailing List; Vendor Advisory)
- https://lists.apache.org/thread.html/r6802a38c3041059e763a1aadd7b37fe95de75408144b5805e29b84e3@%3Cuser.velocity.apache.org%3E
  CVE-2020-13959: Velocity Tools XSS Vulnerability - Pony Mail (Mailing List; Vendor Advisory)