JVN#26026353
WordPress plugin "Markdown on Save Improved" vulnerable to cross-site scripting
Overview
The WordPress plugin "Markdown on Save Improved" contains a cross-site scripting vulnerability.
Products Affected
- Markdown on Save Improved version 2.5 and earlier
Description
The WordPress plugin "Markdown on Save Improved" contains a stored cross-site scripting (CWE-79) vulnerability.
Impact
An arbitrary script may be executed on the user's web browser.
Solution
Update the plugin
Update the plugin according to the information provided by the developer.
While the developer provided an update for this vulnerability, the developer states that this plugin is deprecated. Fixes may not be provided in the future, so it is recommended to transition to a different module.
Vendor Status
| Vendor | Link |
| Markdown on Save Improved | WordPress Plugins - Markdown on Save Improved |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
| Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
|---|---|---|---|---|
| Attack Complexity(AC) | High (H) | Low (L) | ||
| Privileges Required(PR) | High (H) | Low (L) | None (N) | |
| User Interaction(UI) | Required (R) | None (N) | ||
| Scope(S) | Unchanged (U) | Changed (C) | ||
| Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
| Integrity Impact(I) | None (N) | Low (L) | High (H) | |
| Availability Impact(A) | None (N) | Low (L) | High (H) |
| Access Vector(AV) | Local (L) | Adjacent Network (A) | Network (N) |
|---|---|---|---|
| Access Complexity(AC) | High (H) | Medium (M) | Low (L) |
| Authentication(Au) | Multiple (M) | Single (S) | None (N) |
| Confidentiality Impact(C) | None (N) | Partial (P) | Complete (C) |
| Integrity Impact(I) | None (N) | Partial (P) | Complete (C) |
| Availability Impact(A) | None (N) | Partial (P) | Complete (C) |
Credit
Kenta Yamamoto of Cryptography Laboratory,Department of Information and Communication Engineering, Graduate School of Tokyo Denki University reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2016-4812 |
| JVN iPedia |
JVNDB-2016-000071 |