Reflected XSS in Firefox in check endpoint
Published: November 09, 2018
SECURITY IDENTIFIERS
- CVE: CVE-2018-1000855 (NVD)
- GHSA: GHSA-c289-47qf-rvrr
- Vendor Advisory: https://github.com/basecamp/easymon/issues/26
GEM
SEVERITY
CVSS v3.x: 6.1 (Medium)
PATCHED VERSIONS
>= 1.4.1
DESCRIPTION
When passing an invalid check name as parameter to the endpoint where the easymon routes are mounted, a 406 response with a body that contains the invalid check name unescaped is returned. Malicious JavaScript can be injected into that invalid name and have it executed in Firefox