Lucene search

GitHub_MCVELIST:CVE-2020-26295

HistoryJan 21, 2021 - 1:40 p.m.

CVE-2020-26295 CMS Editor code execution

2021-01-2113:40:19

CWE-434

CWE-22

GitHub_M

www.cve.org

8.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.1%

JSON

OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to inject an executable file on the server via layout xml. The latest OpenMage Versions up from 19.4.9 and 20.0.5 have this Issue solved

CNA Affected

[
  {
    "product": "magento-lts",
    "vendor": "OpenMage",
    "versions": [
      {
        "status": "affected",
        "version": "< 19.4.10"
      },
      {
        "status": "affected",
        "version": ">= 20.0.0, < 20.0.6"
      }
    ]
  }
]

References

github.com/OpenMage/magento-lts/commit/9cf8c0aa1d1306051a18ace08d40279dadc1fb35

github.com/OpenMage/magento-lts/releases/tag/v19.4.10

github.com/OpenMage/magento-lts/security/advisories/GHSA-52c6-6v3v-f3fg

8.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.1%

JSON

Related for CVELIST:CVE-2020-26295