Vulnerability Details : CVE-2021-36760
In accountrecoveryendpoint/recoverpassword.do in WSO2 Identity Server 5.7.0, it is possible to perform a DOM-Based XSS attack affecting the callback parameter modifying the URL that precedes the callback parameter. Once the username or password reset procedure is completed, the JavaScript code will be executed. (recoverpassword.do also has an open redirect issue for a similar reason.)
Vulnerability category: Cross site scripting (XSS)Open redirect
Products affected by CVE-2021-36760
- cpe:2.3:a:wso2:identity_server:5.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:identity_server:5.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:identity_server:5.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:identity_server:5.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:iot_server:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:api_manager:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:api_manager:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:api_manager:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:api_manager:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:identity_server_as_key_manager:5.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:identity_server_as_key_manager:5.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:identity_server_as_key_manager:5.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:identity_server_as_key_manager:5.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:wso2:identity_server_as_key_manager:5.3.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-36760
0.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 37 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-36760
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST | |
6.1
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
2.8
|
2.7
|
NIST |
CWE ids for CVE-2021-36760
-
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-36760
-
https://docs.wso2.com/display/Security/2021+Advisories
2021 Advisories - WSO2 Platform Security - WSO2 DocumentationVendor Advisory
-
https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1314
Security Advisory WSO2-2021-1314 - WSO2 Platform Security - WSO2 DocumentationVendor Advisory
Jump to