Improper Access Control in org.webjars.bower:jsdom

Do your applications use this vulnerable package? Test your applications

Overview

org.webjars.bower:jsdom is an A JavaScript implementation of many web standards

Affected versions of this package are vulnerable to Improper Access Control. JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.

Remediation

There is no fixed version for org.webjars.bower:jsdom.

References

GitHub Issue
Tenable Security Advisory

Attack Vector

Network
Attack Complexity

High
Privileges Required

Low
User Interaction

Required
Scope

Unchanged
Confidentiality

Low
Integrity

Low
Availability

None

Credit: Tenable
CVE: CVE-2021-20066
CWE: CWE-284
Snyk ID: SNYK-JAVA-ORGWEBJARSBOWER-1075449
Disclosed: 17 Feb, 2021
Published: 17 Feb, 2021

Improper Access Control
Affecting org.webjars.bower:jsdom artifact, versions [0,]

Overview

Remediation

References

CVSS Score

Improper Access Control Affecting org.webjars.bower:jsdom artifact, versions [0,]

Overview

Remediation

References

Improper Access Control
Affecting org.webjars.bower:jsdom artifact, versions [0,]