CVE-2023-39955

Notes is a note-taking app for Nextcloud, an open-source cloud platform. Starting in version 4.4.0 and prior to version 4.8.0, when creating a note file with HTML, the content is rendered in the preview instead of the file being offered to download. Nextcloud Notes app version 4.8.0 contains a patch for the issue. No known workarounds are available.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/nextcloud/notes/pull/1031	Patch
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6g88-37x7-4vw6	Patch Vendor Advisory
https://hackerone.com/reports/1924355	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:nextcloud:notes:*:*:*:*:*:nextcloud:*:*

History

No history.

Information

Published : 2023-08-10 15:15

Updated : 2023-08-16 19:38

NVD link : CVE-2023-39955

Mitre link : CVE-2023-39955

CVE.ORG link : CVE-2023-39955

JSON object : View

Products Affected

nextcloud

notes

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2023-39955", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.5, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.1}]}, "published": "2023-08-10T15:15:09.807", "references": [{"url": "https://github.com/nextcloud/notes/pull/1031", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6g88-37x7-4vw6", "tags": ["Patch", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://hackerone.com/reports/1924355", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Notes is a note-taking app for Nextcloud, an open-source cloud platform. Starting in version 4.4.0 and prior to version 4.8.0, when creating a note file with HTML, the content is rendered in the preview instead of the file being offered to download. Nextcloud Notes app version 4.8.0 contains a patch for the issue. No known workarounds are available."}, {"lang": "es", "value": "Notes es una aplicaci\u00f3n de toma de notas para Nextcloud, una plataforma en la nube de c\u00f3digo abierto. A partir de la versi\u00f3n 4.4.0 y antes de la versi\u00f3n 4.8.0, al crear un archivo de notas con HTML, el contenido se muestra en la vista previa en lugar de ofrecer el archivo para descargar. La versi\u00f3n 4.8.0 de la aplicaci\u00f3n Nextcloud Notes contiene un parche para este problema. No se conocen soluciones disponibles."}], "lastModified": "2023-08-16T19:38:45.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:notes:*:*:*:*:*:nextcloud:*:*", "vulnerable": true, "matchCriteriaId": "41D0F55F-F815-4CA6-BAE3-BF37ACDB2391", "versionEndExcluding": "4.8.0", "versionStartIncluding": "4.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}