Required CVE Record Information
Description
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This vulnerability affects all versions of Apache CXF prior to 3.4.1 and 3.3.8. Please note that this is a separate issue to CVE-2019-17573.
Credits
- Thanks to Ryan Lambeth for reporting this issue.
References 15 Total
- http://cxf.apache.org/security-advisories.data/CVE-2020-13954.txt.asc?version=1&modificationDate=1605183670659&api=v2
- lists.apache.org: [cxf-dev] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath mailing-list
- lists.apache.org: [cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html mailing-list
- lists.apache.org: [cxf-users] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath mailing-list
- openwall.com: [oss-security] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath mailing-list
- lists.apache.org: [announce] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath mailing-list
- lists.apache.org: [cxf-users] 20201125 RE: CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath mailing-list
- https://www.oracle.com/security-alerts/cpujan2021.html
- lists.apache.org: [cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html mailing-list
- lists.apache.org: [syncope-dev] 20210526 [GitHub] [syncope] coheigea opened a new pull request #268: Disable CXF Services Listing mailing-list
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://security.netapp.com/advisory/ntap-20210513-0010/
- lists.apache.org: [cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html mailing-list
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 15 Total
- http://cxf.apache.org/security-advisories.data/CVE-2020-13954.txt.asc?version=1&modificationDate=1605183670659&api=v2 x_transferred
- lists.apache.org: [cxf-dev] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath mailing-listx_transferred
- lists.apache.org: [cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html mailing-listx_transferred
- lists.apache.org: [cxf-users] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath mailing-listx_transferred
- openwall.com: [oss-security] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath mailing-listx_transferred
- lists.apache.org: [announce] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath mailing-listx_transferred
- lists.apache.org: [cxf-users] 20201125 RE: CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath mailing-listx_transferred
- https://www.oracle.com/security-alerts/cpujan2021.html x_transferred
- lists.apache.org: [cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html mailing-listx_transferred
- lists.apache.org: [syncope-dev] 20210526 [GitHub] [syncope] coheigea opened a new pull request #268: Disable CXF Services Listing mailing-listx_transferred
- https://www.oracle.com/security-alerts/cpuApr2021.html x_transferred
- https://security.netapp.com/advisory/ntap-20210513-0010/ x_transferred
- lists.apache.org: [cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html mailing-listx_transferred
- https://www.oracle.com/security-alerts/cpuoct2021.html x_transferred
- https://www.oracle.com/security-alerts/cpuapr2022.html x_transferred