Vulnerability CVE-2020-6802

Vulnerability Name:

CVE-2020-6802 (CCN-178672)

Assigned:

2020-02-19

Published:

2020-02-19

Updated:

2022-10-06

Summary:

In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.

CVSS v3 Severity:

6.1 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

6.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-79

Vulnerability Consequences:

Cross-Site Scripting

References:

Source: MITRE
Type: CNA
CVE-2020-6802

Source: MISC
Type: Exploit, Third Party Advisory
https://advisory.checkmarx.net/advisory/CX-2020-4276

Source: XF
Type: UNKNOWN
mozilla-bleach-cve20206802-xss(178672)

Source: CCN
Type: Bleach GIT Repository
mutation XSS in bleach.clean when noscript and raw tag whitelisted

Source: MISC
Type: Third Party Advisory
https://github.com/mozilla/bleach/security/advisories/GHSA-q65m-pv3f-wr5r

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-e1fa96c506

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-827b677e15

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-e9c8bdd1e3

Source: MISC
Type: Exploit, Third Party Advisory
https://www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach

Source: CCN
Type: IBM Security Bulletin 6211861 (PowerAI)
A security vulnerability has been identified in Bleach shipped with IBM Watson Machine Learning Community Edition (WMLCE)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2020-6802

Vulnerable Configuration:

Configuration 1:

cpe:/a:mozilla:bleach:*:*:*:*:*:*:*:* (Version < 3.1.1)

Configuration 2:

cpe:/o:fedoraproject:fedora:30:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:31:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:32:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20206802	V	CVE-2020-6802	2022-06-30
oval:org.opensuse.security:def:113577	P	weblate-4.8.1-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:113256	P	python36-bleach-3.3.0-1.4 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:74756	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:106668	P	python36-bleach-3.3.0-1.4 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:106963	P	weblate-4.8.1-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:64569	P	Security update for libesmtp (Important)	2021-09-03
oval:org.opensuse.security:def:63460	P	tiff-4.0.9-5.27.5 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:62758	P	gvim-8.0.1568-5.14.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62761	P	ibus-chewing-1.6.1-1.53 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62786	P	libgxps-devel-0.3.0-4.3.29 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62754	P	gnome-shell-search-provider-nautilus-3.34.3-4.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100290	P	(Important)	2021-06-07
oval:org.opensuse.security:def:64511	P	Security update for python-httplib2 (Moderate)	2021-05-31
oval:org.opensuse.security:def:64681	P	Security update for p7zip (Moderate)	2021-05-04
oval:org.opensuse.security:def:74623	P	Security update for bcc (Moderate)	2021-04-07
oval:org.opensuse.security:def:93577	P	(Moderate)	2021-02-02
oval:org.opensuse.security:def:62964	P	libtool-32bit-2.4.6-1.406 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63257	P	davfs2-1.5.4-1.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63607	P	PackageKit-gstreamer-plugin-1.1.13-2.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:64302	P	libXfont-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63836	P	Security update for cpio (Moderate)	2020-12-01
oval:org.opensuse.security:def:64409	P	libyaml-0-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64165	P	Security update for spice-gtk (Moderate)	2020-12-01
oval:org.opensuse.security:def:64301	P	libXfixes-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:110418	P	Security update for python-bleach (Important)	2020-03-07
oval:com.ubuntu.bionic:def:202068020000000	V	CVE-2020-6802 on Ubuntu 18.04 LTS (bionic) - medium.	2020-02-27
oval:com.ubuntu.xenial:def:202068020000000	V	CVE-2020-6802 on Ubuntu 16.04 LTS (xenial) - medium.	2020-02-27

BACK