CVE-2020-9439.txt

Vulnerability Name: Multiple cross-site scripting (XSS) vulnerabilities in Tin Canny Reporting for LearnDash 
Registered: CVE-2020-9439

Discoverers:
Michael Ritter

Vendor of Product:
Uncanny Owl

Affected Product Code Base:
Uncanny Owl Tin Canny LearnDash Reporting before 3.4.4

Attack Type:
Remote

Vulnerability Type:
Cross-Site Scripting (XSS)

Vulnerability Impact:
Code Execution, Information Disclosure

Attack Vector:
To exploit this vulnerability, a user must navigate to the Uncanny Owl Tin Canny LearnDash Reporting plugin.

Description:
Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Owl - Tin Canny LearnDash Reporting 3.3.7 allows authenticated remote attackers to inject arbitrary web script or HTML via:

- search_key GET Parameter in TinCan_Content_List_Table.php
- message GET Parameter in licensing.php
- tc_filter_group in reporting-admin-menu.php
- tc_filter_user in reporting-admin-menu.php
- tc_filter_course in reporting-admin-menu.php
- tc_filter_lesson in reporting-admin-menu.php
- tc_filter_module in reporting-admin-menu.php
- tc_filter_action in reporting-admin-menu.php
- tc_filter_data_range in reporting-admin-menu.php
- tc_filter_data_range_last in reporting-admin-menu.php

Reporting Timeline:
28/02/2020: Vulnerability registered
28/02/2020: Vulnerability was reported to Uncanny Owl
19/08/2020: Vulnerability patched with the release of Tin Canny Reporting for LearnDash 3.4.4
22/12/2020: Public disclosure

Remediated Product Version:
Uncanny Owl Tin Canny LearnDash Reporting 3.4.4

Reference:
https://www.uncannyowl.com/knowledge-base/tin-canny-learndash-reporting-changelog/