CVE-2020-13959
Description
The default error page for VelocityView in Apache Velocity Tools prior to 3.1 reflects back the vm file that was entered as part of the URL. An attacker can set an XSS payload file as this vm file in the URL which results in this payload being executed. XSS vulnerabilities allow attackers to execute arbitrary JavaScript in the context of the attacked website and the attacked user. This can be abused to steal session cookies, perform requests in the name of the victim or for phishing attacks.
Risk Information
Base Score
6.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
3.207
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2020-13959 are fixed in Apache - velocity-tools-parent 3.1 | Windows |
| Vulnerabilities CVE-2020-13959 are affected in Apache - velocity-tools 2.0 | Windows |
| A subproject of the Apache Velocity project (USN-6282-1) libvelocity-tools-java_2.0-4_all.deb | Linux |
| A subproject of the Apache Velocity project (USN-6282-1) libvelocity-tools-java_2.0-7ubuntu0.20.04.1_all.deb | Linux |
| A subproject of the Apache Velocity project (USN-6282-1) libvelocity-tools-java_2.0-7_all.deb | Linux |
| Vulnerabilities CVE-2020-13959 are fixed in Apache - velocity-tools-parent for Linux 3.1 | Linux |
| Vulnerabilities CVE-2020-13959 are affected in Apache - velocity-tools for Linux 2.0 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234