ID
VAR-202110-1226
CVE
CVE-2020-23054
TITLE
User Agent String Switcher Cross-site scripting vulnerability in services
Trust: 0.8
sources:
JVNDB: JVNDB-2019-016704
DESCRIPTION
A cross-site scripting (XSS) vulnerability in NSK User Agent String Switcher Service v0.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the user agent input field. The user agent string that web servers and client code see when visiting a website with predetection
Trust: 1.8
sources:
NVD: CVE-2020-23054 //
JVNDB: JVNDB-2019-016704 //
VULHUB: VHN-176794 //
VULMON: CVE-2020-23054
AFFECTED PRODUCTS
| vendor: | user agent switcher and manager | model: | user-agent switcher and manager | scope: | eq | version: | 0.3.5 | Trust: 1.8 |
| vendor: | user agent switcher and manager | model: | user-agent switcher and manager | scope: | eq | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2019-016704 //
NVD: CVE-2020-23054
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULHUB: VHN-176794 //
JVNDB: JVNDB-2019-016704 //
CNNVD: CNNVD-202110-1606 //
NVD: CVE-2020-23054
PROBLEMTYPE DATA
| problemtype: | CWE-79 | Trust: 1.1 |
| problemtype: | Cross-site scripting (CWE-79) [NVD evaluation ] | Trust: 0.8 |
sources:
VULHUB: VHN-176794 //
JVNDB: JVNDB-2019-016704 //
NVD: CVE-2020-23054
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202110-1606
TYPE
XSS
Trust: 0.6
sources:
CNNVD: CNNVD-202110-1606
PATCH
| title: | User-Agent Switcher and Manager | url: | https://addons.mozilla.org/de/firefox/addon/user-agent-string-switcher/ | Trust: 0.8 |
sources:
JVNDB: JVNDB-2019-016704
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-23054 | Trust: 3.4 |
| db: | JVNDB | id: | JVNDB-2019-016704 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202110-1606 | Trust: 0.7 |
| db: | VULHUB | id: | VHN-176794 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2020-23054 | Trust: 0.1 |
sources:
VULHUB: VHN-176794 //
VULMON: CVE-2020-23054 //
JVNDB: JVNDB-2019-016704 //
CNNVD: CNNVD-202110-1606 //
NVD: CVE-2020-23054
REFERENCES
| url: | https://www.vulnerability-lab.com/get_content.php?id=2189 | Trust: 2.6 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-23054 | Trust: 1.4 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
VULHUB: VHN-176794 //
VULMON: CVE-2020-23054 //
JVNDB: JVNDB-2019-016704 //
CNNVD: CNNVD-202110-1606 //
NVD: CVE-2020-23054
SOURCES
| db: | VULHUB | id: | VHN-176794 |
| db: | VULMON | id: | CVE-2020-23054 |
| db: | JVNDB | id: | JVNDB-2019-016704 |
| db: | CNNVD | id: | CNNVD-202110-1606 |
| db: | NVD | id: | CVE-2020-23054 |
LAST UPDATE DATE
2024-08-14T15:27:35.545000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-176794 | date: | 2021-10-28T00:00:00 |
| db: | VULMON | id: | CVE-2020-23054 | date: | 2021-10-25T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-016704 | date: | 2022-10-07T06:32:00 |
| db: | CNNVD | id: | CNNVD-202110-1606 | date: | 2021-11-02T00:00:00 |
| db: | NVD | id: | CVE-2020-23054 | date: | 2021-10-28T00:49:03.860 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-176794 | date: | 2021-10-22T00:00:00 |
| db: | VULMON | id: | CVE-2020-23054 | date: | 2021-10-22T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-016704 | date: | 2022-10-07T00:00:00 |
| db: | CNNVD | id: | CNNVD-202110-1606 | date: | 2021-10-22T00:00:00 |
| db: | NVD | id: | CVE-2020-23054 | date: | 2021-10-22T20:15:10.490 |