CVE Vulnerability

CVE-2018-19335

Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with a crafted groupby value) can be used to obtain sensitive information about the content of bug reports.

2.6 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 4.9 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

Scope

5.3 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://medium.com/@luanherrera/xs-searching-googles-bug-tracker-to-find-out-vulnerable-source-code-50d8135b7549 Exploit Press/Media Coverage
https://chromium.googlesource.com/infra/infra/+/e27936ef82d33a5f286e1f2f22817aa682f79e90 Patch Vendor Advisory
https://www.reddit.com/r/netsec/comments/9yiidf/xssearching_googles_bug_tracker_to_find_out/ea2i7wz/ Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:google:monorail:*:*:*:*:*:*:*:*
Information

Published : 2018-11-20 09:29

Updated : 2020-08-24 05:37

NVD link : CVE-2018-19335

Mitre link : CVE-2018-19335

Products Affected
No products.
CWE
CWE-352