Vulnerability Details : CVE-2021-23342
This affects the package docsify before 4.12.0. It is possible to bypass the remediation done by CVE-2020-7680 and execute malicious JavaScript through the following methods 1) When parsing HTML from remote URLs, the HTML code on the main page is sanitized, but this sanitization is not taking place in the sidebar. 2) The isURL external check can be bypassed by inserting more “////” characters
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2021-23342
- cpe:2.3:a:docsifyjs:docsify:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-23342
0.19%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 56 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-23342
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST | |
6.1
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
2.8
|
2.7
|
NIST | |
8.6
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L |
3.9
|
4.7
|
Snyk |
CWE ids for CVE-2021-23342
-
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-23342
-
https://snyk.io/vuln/SNYK-JS-DOCSIFY-1066017
Cross-site Scripting (XSS) in docsify | SnykExploit;Third Party Advisory
-
https://github.com/docsifyjs/docsify/commit/ff2a66f12752471277fe81a64ad6c4b2c08111fe
fix: isExternal check with malformed URL + tests (#1510) · docsifyjs/docsify@ff2a66f · GitHubPatch;Third Party Advisory
-
http://seclists.org/fulldisclosure/2021/Feb/71
Full Disclosure: [KIS-2021-02] docsify <= 4.11.6 DOM-based Cross-Site Scripting VulnerabilityMailing List;Third Party Advisory
-
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1076593
Cross-site Scripting (XSS) in org.webjars.npm:docsify | SnykExploit;Third Party Advisory
-
http://packetstormsecurity.com/files/161495/docsify-4.11.6-Cross-Site-Scripting.html
docsify 4.11.6 Cross Site Scripting ≈ Packet StormExploit;Third Party Advisory
Jump to