CVE-2018-1000086 - Vulnerability Details - OpenCVE

NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a Cross ite Request Forgery (CSRF) vulnerability in Pym.js _onNavigateToMessage function. https://github.com/nprapps/pym.js/blob/master/src/pym.js#L573 that can result in Arbitrary javascript code execution. This attack appear to be exploitable via Attacker gains full javascript access to pages with Pym.js embeds when user visits an attacker crafted page.. This vulnerability appears to have been fixed in versions 1.3.2 and later.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Npr	Pym.js

Configuration 1 [-]

cpe:2.3:a:npr:pym.js:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://blog.apps.npr.org/2018/02/15/pym-security-vulnerability.html
https://github.com/nprapps/pym.js
https://github.com/nprapps/pym.js/issues/170

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-03-13T15:00:00

Updated: 2024-08-05T12:33:49.162Z

Reserved: 2018-02-21T00:00:00

Link: CVE-2018-1000086

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-03-13T15:29:01.177

Modified: 2024-11-21T03:39:36.707

Link: CVE-2018-1000086

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2018-02-20T00:00:00", "datePublic": "2018-03-13T00:00:00", "descriptions": [{"lang": "en", "value": "NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a Cross ite Request Forgery (CSRF) vulnerability in Pym.js _onNavigateToMessage function. https://github.com/nprapps/pym.js/blob/master/src/pym.js#L573 that can result in Arbitrary javascript code execution. This attack appear to be exploitable via Attacker gains full javascript access to pages with Pym.js embeds when user visits an attacker crafted page.. This vulnerability appears to have been fixed in versions 1.3.2 and later."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-03-13T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://blog.apps.npr.org/2018/02/15/pym-security-vulnerability.html"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/nprapps/pym.js/issues/170"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/nprapps/pym.js"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2/20/2018 9:05:59", "ID": "CVE-2018-1000086", "REQUESTER": "jelosua@npr.org", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a Cross ite Request Forgery (CSRF) vulnerability in Pym.js _onNavigateToMessage function. https://github.com/nprapps/pym.js/blob/master/src/pym.js#L573 that can result in Arbitrary javascript code execution. This attack appear to be exploitable via Attacker gains full javascript access to pages with Pym.js embeds when user visits an attacker crafted page.. This vulnerability appears to have been fixed in versions 1.3.2 and later."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://blog.apps.npr.org/2018/02/15/pym-security-vulnerability.html", "refsource": "MISC", "url": "http://blog.apps.npr.org/2018/02/15/pym-security-vulnerability.html"}, {"name": "https://github.com/nprapps/pym.js/issues/170", "refsource": "MISC", "url": "https://github.com/nprapps/pym.js/issues/170"}, {"name": "https://github.com/nprapps/pym.js", "refsource": "MISC", "url": "https://github.com/nprapps/pym.js"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:33:49.162Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blog.apps.npr.org/2018/02/15/pym-security-vulnerability.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/nprapps/pym.js/issues/170"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/nprapps/pym.js"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-1000086", "datePublished": "2018-03-13T15:00:00", "dateReserved": "2018-02-21T00:00:00", "dateUpdated": "2024-08-05T12:33:49.162Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:npr:pym.js:*:*:*:*:*:*:*:*", "matchCriteriaId": "A94E7D5B-D4AD-4777-9924-DA9005AC4311", "versionEndIncluding": "1.3.1", "versionStartIncluding": "0.4.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a Cross ite Request Forgery (CSRF) vulnerability in Pym.js _onNavigateToMessage function. https://github.com/nprapps/pym.js/blob/master/src/pym.js#L573 that can result in Arbitrary javascript code execution. This attack appear to be exploitable via Attacker gains full javascript access to pages with Pym.js embeds when user visits an attacker crafted page.. This vulnerability appears to have been fixed in versions 1.3.2 and later."}, {"lang": "es", "value": "NPR Visuals Team Pym.js, desde la versi\u00f3n 0.4.2 hasta la 1.3.1, contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) en la funci\u00f3n _onNavigateToMessage en Pym.js. https://github.com/nprapps/pym.js/blob/master/src/pym.js#L573Esto puede resultar en la ejecuci\u00f3n de c\u00f3digo JavaScript arbitrario. Este ataque parece ser explotable si el atacante obtiene acceso JavaScript completo a las p\u00e1ginas con Pym.js embebido cuando el usuario visita una p\u00e1gina manipulada por el atacante. La vulnerabilidad parece haber sido solucionada en las versiones 1.3.2 y siguientes."}], "id": "CVE-2018-1000086", "lastModified": "2024-11-21T03:39:36.707", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-13T15:29:01.177", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://blog.apps.npr.org/2018/02/15/pym-security-vulnerability.html"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://github.com/nprapps/pym.js"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/nprapps/pym.js/issues/170"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://blog.apps.npr.org/2018/02/15/pym-security-vulnerability.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://github.com/nprapps/pym.js"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/nprapps/pym.js/issues/170"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}