CVE-2019-17625 — CRITICAL (9.0)

Vulnerability Description

There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitization of the name field when being processed and stored. This allows a user to craft a payload for Node.js and Electron, such as an exec of OS commands within the onerror attribute of an IMG element.

CVSS Score

9.0

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Rambox	Rambox	0.6.9

Related Weaknesses (CWE)

CWE-78 CWE-79

References

https://github.com/ramboxapp/community-edition/issues/2418ExploitIssue TrackingThird Party Advisory
https://github.com/ramboxapp/community-edition/issues/2418ExploitIssue TrackingThird Party Advisory

FAQ

What is CVE-2019-17625?

CVE-2019-17625 is a vulnerability with a CVSS score of 9.0 (CRITICAL). There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitization of the name field w...

How severe is CVE-2019-17625?

CVE-2019-17625 has been rated CRITICAL with a CVSS base score of 9.0/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2019-17625?

Check the references section above for vendor advisories and patch information. Affected products include: Rambox Rambox.