Lucene search
MozillaCVELIST:CVE-2020-6803HistoryFeb 28, 2020 - 10:34 p.m.
CVE-2020-6803 Open redirect in Mozilla WebThings Gateway
2020-02-2822:34:00
CWE-601
mozilla
www.cve.org
2
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
33.8%
An open redirect is present on the gateway’s login page, which could cause a user to be redirected to a malicious site after logging in.
CNA Affected
[
{
"product": "WebThings Gateway",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "0.3.0*",
"status": "affected",
"version": "0.3.0",
"versionType": "custom"
},
{
"lessThan": "0.12.0",
"status": "affected",
"version": "0.12.0",
"versionType": "custom"
}
]
}
]References
Related
cve
cve
CVE-2020-6803
2020-02-28 23:15:11
CVE-2020-6804
2020-02-28 23:15:11
prion
prion
Open redirect
2020-02-28 23:15:00
Cross site scripting
2020-02-28 23:15:00
nvd
nvd
CVE-2020-6803
2020-02-28 23:15:11
CVE-2020-6804
2020-02-28 23:15:11
osv
osv
CVE-2020-6804
2020-02-28 23:15:11
cvelist
cvelist
CVE-2020-6804 XSS in Mozilla WebThings Gateway
2020-02-28 22:38:38
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
33.8%
Related for CVELIST:CVE-2020-6803