Upstream information

CVE-2018-1000559 at MITRE

Description

qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week). <hr> <h3 class="fcolor9">SUSE information</h3> <p>Overall state of this security issue: Does not affect SUSE products</p> <p>This issue is currently rated as having <a href="https://www.suse.com/support/security/rating.html">moderate</a> severity.</p> <table border="1"> <caption><a href="https://nvd.nist.gov/cvss.cfm">CVSS v2 Scores</a></caption> <tr> <th> </th> <th>National Vulnerability Database</th> </tr> <tr> <td>Base Score</td> <td>4.3</td> </tr> <tr> <td>Vector</td> <td>AV:N/AC:M/Au:N/C:N/I:P/A:N</td> </tr> <tr> <td>Access Vector</td> <td>Network</td> </tr> <tr> <td>Access Complexity</td> <td>Medium</td> </tr> <tr> <td>Authentication</td> <td>None</td> </tr> <tr> <td>Confidentiality Impact</td> <td>None</td> </tr> <tr> <td>Integrity Impact</td> <td>Partial</td> </tr> <tr> <td>Availability Impact</td> <td>None</td> </tr> </table> <table border="1"> <caption><a href="https://nvd.nist.gov/cvss.cfm">CVSS v3 Scores</a></caption> <tr> <th> </th> <th>National Vulnerability Database</th> </tr> <tr> <td>Base Score</td> <td>6.1</td> </tr> <tr> <td>Vector</td> <td>AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</td> </tr> <tr> <td>Access Vector</td> <td>Network</td> </tr> <tr> <td>Access Complexity</td> <td>Low</td> </tr> <tr> <td>Privileges Required</td> <td>None</td> </tr> <tr> <td>User Interaction</td> <td>Required</td> </tr> <tr> <td>Scope</td> <td>Changed</td> </tr> <tr> <td>Confidentiality Impact</td> <td>Low</td> </tr> <tr> <td>Integrity Impact</td> <td>Low</td> </tr> <tr> <td>Availability Impact</td> <td>None</td> </tr> <tr> <td>CVSSv3 Version</td> <td>3.0</td> </tr> </table> SUSE Bugzilla entry: <a href="https://bugzilla.suse.com/show_bug.cgi?id=1101507">1101507</a> [RESOLVED / FIXED] <p></p> SUSE Security Advisories:<ul> <li> <a href="http://lists.opensuse.org/opensuse-security-announce/2018-07/msg00037.html">openSUSE-SU-2018:2120-1</a>, published Sat, 28 Jul 2018 15:59:49 +0200 (CEST)</li> <li> <a href="http://lists.opensuse.org/opensuse-security-announce/2018-07/msg00047.html">openSUSE-SU-2018:2130-1</a>, published Sat, 28 Jul 2018 16:04:07 +0200 (CEST)</li> </ul> <p></p> <style>.cve-released {color: #02d35f;background-color: #f2f2f2;}</style> <h3 class="fcolor9">List of released packages</h3> <table border="1"> <tr> <th>Product(s)</th> <th>Fixed package version(s)</th> <th>References</th> </tr> <tr> <td>openSUSE Leap 15.0</td> <td><ul> <li><code class="cve-released">qutebrowser >= 1.4.1-lp150.2.3.1</code></li> </ul></td> <td>Patchnames: <br>openSUSE-2019-545</td> </tr> <tr> <td>openSUSE Leap 42.3</td> <td><ul> <li><code class="cve-released">qutebrowser >= 0.11.1-2.3.1</code></li> </ul></td> <td>Patchnames: <br>openSUSE-2018-774</td> </tr> </table> <p></p>