CVE-2020-11001

low-risk
Published 2020-04-14

In Wagtail before versions 2.8.1 and 2.7.2, a cross-site scripting (XSS) vulnerability exists on the page revision comparison view within the Wagtail admin interface. A user with a limited-permission editor account for the Wagtail admin could potentially craft a page revision history that, when viewed by a user with higher privileges, could perform actions with that user's credentials. The vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin. Patched versions have been released as Wagtail 2.7.2 (for the LTS 2.7 branch) and Wagtail 2.8.1 (for the current 2.8 branch).

Do I need to act?

-
0.36% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.8/10 Medium
NETWORK / HIGH complexity

Affected Products (2)

Wagtail
Wagtail

Affected Vendors

Torchbox

References (4)

Exploit https://github.com/wagtail/wagtail/security/advisories/GHSA-v2wc-pfq2-5cm6
https://github.com/wagtail/wagtail/commit/61045ceefea114c40ac4b680af58990dbe7323...
https://github.com/wagtail/wagtail/releases/tag/v2.8.1
Exploit https://github.com/wagtail/wagtail/security/advisories/GHSA-v2wc-pfq2-5cm6
26
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 1/34 · Minimal
Exposure 7/34 · Low