Skip to content

Instantly share code, notes, and snippets.

@michiiii
Last active December 22, 2020 20:26
Show Gist options
  • Save michiiii/9501b878e7ba3c9fc2a7407ff8277fa5 to your computer and use it in GitHub Desktop.
Save michiiii/9501b878e7ba3c9fc2a7407ff8277fa5 to your computer and use it in GitHub Desktop.
Vulnerability Name: Multiple cross-site scripting (XSS) vulnerabilities in Tin Canny Reporting for LearnDash
Registered: CVE-2020-9439
Discoverers:
Michael Ritter
Vendor of Product:
Uncanny Owl
Affected Product Code Base:
Uncanny Owl Tin Canny LearnDash Reporting before 3.4.4
Attack Type:
Remote
Vulnerability Type:
Cross-Site Scripting (XSS)
Vulnerability Impact:
Code Execution, Information Disclosure
Attack Vector:
To exploit this vulnerability, a user must navigate to the Uncanny Owl Tin Canny LearnDash Reporting plugin.
Description:
Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Owl - Tin Canny LearnDash Reporting 3.3.7 allows authenticated remote attackers to inject arbitrary web script or HTML via:
- search_key GET Parameter in TinCan_Content_List_Table.php
- message GET Parameter in licensing.php
- tc_filter_group in reporting-admin-menu.php
- tc_filter_user in reporting-admin-menu.php
- tc_filter_course in reporting-admin-menu.php
- tc_filter_lesson in reporting-admin-menu.php
- tc_filter_module in reporting-admin-menu.php
- tc_filter_action in reporting-admin-menu.php
- tc_filter_data_range in reporting-admin-menu.php
- tc_filter_data_range_last in reporting-admin-menu.php
Reporting Timeline:
28/02/2020: Vulnerability registered
28/02/2020: Vulnerability was reported to Uncanny Owl
19/08/2020: Vulnerability patched with the release of Tin Canny Reporting for LearnDash 3.4.4
22/12/2020: Public disclosure
Remediated Product Version:
Uncanny Owl Tin Canny LearnDash Reporting 3.4.4
Reference:
https://www.uncannyowl.com/knowledge-base/tin-canny-learndash-reporting-changelog/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment