Lucene search

MitreCVE-2021-36760

HistoryDec 07, 2021 - 9:15 p.m.

CVE-2021-36760

2021-12-0721:15:08

CWE-79

mitre

web.nvd.nist.gov

cve-2021-36760

dom-based xss

wso2 identity server

security vulnerability

account recovery

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

36.7%

JSON

In accountrecoveryendpoint/recoverpassword.do in WSO2 Identity Server 5.7.0, it is possible to perform a DOM-Based XSS attack affecting the callback parameter modifying the URL that precedes the callback parameter. Once the username or password reset procedure is completed, the JavaScript code will be executed. (recoverpassword.do also has an open redirect issue for a similar reason.)

Affected configurations

Nvd

Node

wso2api_managerMatch3.0.0

wso2api_managerMatch3.1.0

wso2api_managerMatch3.2.0

wso2api_managerMatch4.0.0

wso2identity_serverMatch5.7.0

wso2identity_serverMatch5.8.0

wso2identity_serverMatch5.9.0

wso2identity_serverMatch5.10.0

wso2identity_serverMatch5.11.0

wso2identity_server_as_key_managerMatch5.3.0

wso2identity_server_as_key_managerMatch5.5.0

wso2identity_server_as_key_managerMatch5.6.0

wso2identity_server_as_key_managerMatch5.7.0

wso2identity_server_as_key_managerMatch5.9.0

wso2identity_server_as_key_managerMatch5.10.0

wso2iot_serverMatch3.3.1

VendorProductVersionCPE
wso2api_manager3.0.0cpe:2.3:a:wso2:api_manager:3.0.0:*:*:*:*:*:*:*
wso2api_manager3.1.0cpe:2.3:a:wso2:api_manager:3.1.0:*:*:*:*:*:*:*
wso2api_manager3.2.0cpe:2.3:a:wso2:api_manager:3.2.0:*:*:*:*:*:*:*
wso2api_manager4.0.0cpe:2.3:a:wso2:api_manager:4.0.0:*:*:*:*:*:*:*
wso2identity_server5.7.0cpe:2.3:a:wso2:identity_server:5.7.0:*:*:*:*:*:*:*
wso2identity_server5.8.0cpe:2.3:a:wso2:identity_server:5.8.0:*:*:*:*:*:*:*
wso2identity_server5.9.0cpe:2.3:a:wso2:identity_server:5.9.0:*:*:*:*:*:*:*
wso2identity_server5.10.0cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*
wso2identity_server5.11.0cpe:2.3:a:wso2:identity_server:5.11.0:*:*:*:*:*:*:*
wso2identity_server_as_key_manager5.3.0cpe:2.3:a:wso2:identity_server_as_key_manager:5.3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wso2	api_manager	3.0.0	cpe:2.3:a:wso2:api_manager:3.0.0:::::::*
wso2	api_manager	3.1.0	cpe:2.3:a:wso2:api_manager:3.1.0:::::::*
wso2	api_manager	3.2.0	cpe:2.3:a:wso2:api_manager:3.2.0:::::::*
wso2	api_manager	4.0.0	cpe:2.3:a:wso2:api_manager:4.0.0:::::::*
wso2	identity_server	5.7.0	cpe:2.3:a:wso2:identity_server:5.7.0:::::::*
wso2	identity_server	5.8.0	cpe:2.3:a:wso2:identity_server:5.8.0:::::::*
wso2	identity_server	5.9.0	cpe:2.3:a:wso2:identity_server:5.9.0:::::::*
wso2	identity_server	5.10.0	cpe:2.3:a:wso2:identity_server:5.10.0:::::::*
wso2	identity_server	5.11.0	cpe:2.3:a:wso2:identity_server:5.11.0:::::::*
wso2	identity_server_as_key_manager	5.3.0	cpe:2.3:a:wso2:identity_server_as_key_manager:5.3.0:::::::*

Rows per page:

1-10 of 161

References

docs.wso2.com/display/Security/2021+Advisories

docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1314

Social References

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

36.7%

JSON

Related for CVE-2021-36760