CVE-2018-20663

Source
https://cve.org/CVERecord?id=CVE-2018-20663
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20663.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-20663
Aliases
Published
2019-01-03T19:29:01.633Z
Modified
2026-07-08T05:52:31.850555234Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

The Reporting Addon (aka Reports Addon) through 2019-01-02 for CUBA Platform through 6.10.x has Persistent XSS via the "Reports > Reports" name field.

Database specific
{
    "unresolved_ranges": [
        {
            "cpes": [
                "cpe:2.3:a:haulmont:reporting:*:*:*:*:*:cuba_platform:*:*"
            ],
            "extracted_events": [
                {
                    "last_affected": "2019-01-02"
                }
            ],
            "source": "CPE_RANGE",
            "vendor_product": "haulmont:reporting"
        }
    ]
}
References

Affected packages

Git / github.com/cuba-platform/cuba

Affected ranges

Type
GIT
Repo
https://github.com/cuba-platform/cuba
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.10.7"
        }
    ],
    "cpe": "cpe:2.3:a:haulmont:cuba_platform:*:*:*:*:*:*:*:*",
    "source": "CPE_RANGE"
}

Affected versions

6.*
6.10.0
6.10.0-BETA1
6.10.0.BETA1
6.10.1
6.10.2
6.10.3
6.10.4
6.10.5
6.10.6
6.10.7
6.5.0.M1
6.6.0.RC1
6.9.0.BETA1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20663.json"