| Vulnerability Name: | CVE-2018-20149 (CCN-154332) | ||||||||||||||||||||||||||||||||||||
| Assigned: | 2018-12-13 | ||||||||||||||||||||||||||||||||||||
| Published: | 2018-12-13 | ||||||||||||||||||||||||||||||||||||
| Updated: | 2019-03-04 | ||||||||||||||||||||||||||||||||||||
| Summary: | In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data. | ||||||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 5.4 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) 5.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)
5.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)
| ||||||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N)
| ||||||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-79 | ||||||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Cross-Site Scripting | ||||||||||||||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2018-20149 Source: BID Type: Third Party Advisory, VDB Entry 106220 Source: MISC Type: Product, Vendor Advisory https://codex.wordpress.org/Version_4.9.9 Source: XF Type: UNKNOWN wp-cve201820149-xss(154332) Source: MISC Type: Patch, Third Party Advisory https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a Source: MLIST Type: Mailing List, Third Party Advisory [debian-lts-announce] 20190211 [SECURITY] [DLA 1673-1] wordpress security update Source: CCN Type: WordPress Web site WordPress 5.0.1 Security Release Source: MISC Type: Release Notes, Vendor Advisory https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/ Source: MISC Type: Release Notes, Vendor Advisory https://wordpress.org/support/wordpress-version/version-5-0-1/ Source: MISC Type: Vendor Advisory https://wpvulndb.com/vulnerabilities/9175 Source: DEBIAN Type: Third Party Advisory DSA-4401 Source: MISC Type: Press/Media Coverage, Third Party Advisory https://www.zdnet.com/article/wordpress-plugs-bug-that-led-to-google-indexing-some-user-passwords/ | ||||||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||||||