// For flags

CVE-2018-8046

 

Severity Score

6.1
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip() method of Action Columns takes HTML-escaped data and un-escapes it. If the tooltip contains user-controlled data, an attacker could exploit this to create a cross-site scripting attack, even when developers took precautions and escaped data.

El método getTip() de Action Columns de Sencha Ext JS de la versión 4 a la 6 antes de la 6.6.0 es vulnerable a ataques de Cross-Site Scripting (XSS), incluso cuando se pasan datos escapados por HTML. Este framework no aporta protección XSS integrada, por lo que el desarrollador debe asegurarse de que los datos se sanean correctamente. Sin embargo, el método getTip() de Action Columns toma los datos escapados por HTML y los "desescapa". Si el tooltip contiene datos controlados por el usuario, un atacante podría explotar esto para crear un ataque de Cross-Site Scripting (XSS), incluso aunque los desarrolladores hayan tomado precauciones y escapado los datos.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-03-11 CVE Reserved
  • 2018-07-02 CVE Published
  • 2024-05-14 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Sencha
Search vendor "Sencha"
 Ext Js
Search vendor "Sencha" for product "Ext Js"
 >= 4.0.0 < 6.6.0
Search vendor "Sencha" for product "Ext Js" and version " >= 4.0.0 < 6.6.0"
-
Affected