CVE-2019-18345

moderate-risk
Published 2019-12-12

A reflected XSS issue was discovered in DAViCal through 1.1.8. It echoes the action parameter without encoding. If a user visits an attacker-supplied link, the attacker can view all data the attacked user can view, as well as perform all actions in the name of the user. If the user is an administrator, the attacker can for example add a new admin user to gain full access to the application.

Do I need to act?

-
0.92% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.3/10 Critical
NETWORK / LOW complexity

Affected Products (4)

Davical

Affected Vendors

Debian Davical

References (16)

Exploit http://packetstormsecurity.com/files/155630/DAViCal-CalDAV-Server-1.1.8-Reflecti...
Release Notes https://gitlab.com/davical-project/davical/blob/master/ChangeLog
Exploit https://hackdefense.com/publications/cve-2019-18345-davical-caldav-server-vulner...
Mailing List https://lists.debian.org/debian-lts-announce/2019/12/msg00016.html
Mailing List https://seclists.org/bugtraq/2019/Dec/30
Product https://wiki.davical.org/index.php/Main_Page
Product https://www.davical.org/
Third Party Advisory https://www.debian.org/security/2019/dsa-4582
Exploit http://packetstormsecurity.com/files/155630/DAViCal-CalDAV-Server-1.1.8-Reflecti...
Release Notes https://gitlab.com/davical-project/davical/blob/master/ChangeLog
Exploit https://hackdefense.com/publications/cve-2019-18345-davical-caldav-server-vulner...
Mailing List https://lists.debian.org/debian-lts-announce/2019/12/msg00016.html
Mailing List https://seclists.org/bugtraq/2019/Dec/30
Product https://wiki.davical.org/index.php/Main_Page
Product https://www.davical.org/
Third Party Advisory https://www.debian.org/security/2019/dsa-4582
44
/ 100
moderate-risk
Severity 31/34 · Critical
Exploitability 3/34 · Minimal
Exposure 10/34 · Low