Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2020-20269
HistoryJan 26, 2021 - 6:15 p.m.

CVE-2020-20269

2021-01-2618:15:41
[email protected]
web.nvd.nist.gov
17
3
cve-2020-20269
caret editor
markdown
javascript
nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.3%

JSON

A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor before 4.0.0-rc22.

Affected configurations

NVD
Node
caretcaretRange3.4.6
OR
caretcaretMatch4.0.0beta0
OR
caretcaretMatch4.0.0beta1
OR
caretcaretMatch4.0.0beta2
OR
caretcaretMatch4.0.0beta3
OR
caretcaretMatch4.0.0beta4
OR
caretcaretMatch4.0.0beta5
OR
caretcaretMatch4.0.0beta6
OR
caretcaretMatch4.0.0beta7
OR
caretcaretMatch4.0.0beta8
OR
caretcaretMatch4.0.0beta9
OR
caretcaretMatch4.0.0rc1
OR
caretcaretMatch4.0.0rc10
OR
caretcaretMatch4.0.0rc11
OR
caretcaretMatch4.0.0rc12
OR
caretcaretMatch4.0.0rc13
OR
caretcaretMatch4.0.0rc14
OR
caretcaretMatch4.0.0rc15
OR
caretcaretMatch4.0.0rc16
OR
caretcaretMatch4.0.0rc17
OR
caretcaretMatch4.0.0rc18
OR
caretcaretMatch4.0.0rc19
OR
caretcaretMatch4.0.0rc2
OR
caretcaretMatch4.0.0rc20
OR
caretcaretMatch4.0.0rc21

Social References

More

Related

nvd 1
cvelist 1
osv 1
prion 1
nvd
nvd
CVE-2020-20269
2021-01-26 18:15:41
cvelist
cvelist
CVE-2020-20269
2021-01-22 18:42:54
osv
osv
CVE-2020-20269
2021-01-26 18:15:41
prion
prion
Code injection
2021-01-26 18:15:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.3%

JSON
Related for CVE-2020-20269
nvd1cvelist1osv1prion1