CVE-2018-1000088
MEDIUMDoorkeeper 2.1.0-4.2.5 - Stored Cross-Site Scripting in OAuth Client Name
Title source: llmDescription
Doorkeeper version 2.1.0 through 4.2.5 contains a Cross Site Scripting (XSS) vulnerability in web view's OAuth app form, user authorization prompt web view that can result in Stored XSS on the OAuth Client's name will cause users interacting with it will execute payload. This attack appear to be exploitable via The victim must be tricked to click an opaque link to the web view that runs the XSS payload. A malicious version virtually indistinguishable from a normal link.. This vulnerability appears to have been fixed in 4.2.6, 4.3.0.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_misc
https://github.com/rubysec/ruby-advisory-db/pull/328/files
Issue Tracking x_refsource_misc
https://github.com/doorkeeper-gem/doorkeeper/issues/969
Release Notes x_refsource_misc
https://github.com/doorkeeper-gem/doorkeeper/releases/tag/v4.3.0
Issue Tracking x_refsource_misc
https://github.com/doorkeeper-gem/doorkeeper/pull/970
Scores
CVSS v3
6.1
EPSS
0.0017
EPSS Percentile
38.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (2)
doorkeeper_project/doorkeeper
2.1.0 - 4.2.5
rubygems/doorkeeper
2.1.0 - 4.2.6RubyGems
Published
Mar 13, 2018
Tracked Since
Feb 18, 2026