Описание
Google Monorail before 2018-04-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with duplicated columns) can be used to obtain sensitive information about the content of bug reports.
Ссылки
- PatchVendor Advisory
- https://www.reddit.com/r/netsec/comments/9yiidf/xssearching_googles_bug_tracker_to_find_out/ea2i7wz/ExploitThird Party Advisory
- PatchVendor Advisory
- https://www.reddit.com/r/netsec/comments/9yiidf/xssearching_googles_bug_tracker_to_find_out/ea2i7wz/ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2018-04-04 (исключая)
cpe:2.3:a:google:monorail:*:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00105
Низкий
5.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
Google Monorail before 2018-04-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with duplicated columns) can be used to obtain sensitive information about the content of bug reports.
EPSS
Процентиль: 29%
0.00105
Низкий
5.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352