CVE-2018-8046 Information
Feb 14, 2021
cve
Description
The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks even when passed HTML-escaped data. This framework brings no built-in XSS protection so the developer has to ensure that data is correctly sanitized. However the getTip() method of Action Columns takes HTML-escaped data and un-escapes it. If the tooltip contains user-controlled data an attacker could exploit this to create a cross-site scripting attack even when developers took precautions and escaped data.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Reference
http://examples.sencha.com/extjs/6.6.0/release-notes.html http://seclists.org/fulldisclosure/2018/Jul/8
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
6.1
Share on: