Vulnerability Details CVE-2018-8046
The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip() method of Action Columns takes HTML-escaped data and un-escapes it. If the tooltip contains user-controlled data, an attacker could exploit this to create a cross-site scripting attack, even when developers took precautions and escaped data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.7%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2018-8046
-
cpe:2.3:a:sencha:ext_js:4.0.0
-
cpe:2.3:a:sencha:ext_js:4.0.1
-
cpe:2.3:a:sencha:ext_js:4.0.2
-
cpe:2.3:a:sencha:ext_js:4.0.3
-
cpe:2.3:a:sencha:ext_js:4.0.4
-
cpe:2.3:a:sencha:ext_js:4.0.5
-
cpe:2.3:a:sencha:ext_js:4.0.6
-
cpe:2.3:a:sencha:ext_js:4.0.7
-
cpe:2.3:a:sencha:ext_js:4.1.0
-
cpe:2.3:a:sencha:ext_js:4.1.1
-
cpe:2.3:a:sencha:ext_js:4.1.2
-
cpe:2.3:a:sencha:ext_js:4.1.3
-
cpe:2.3:a:sencha:ext_js:4.2.0
-
cpe:2.3:a:sencha:ext_js:4.2.1
-
cpe:2.3:a:sencha:ext_js:4.2.2
-
cpe:2.3:a:sencha:ext_js:4.2.3
-
cpe:2.3:a:sencha:ext_js:4.2.4
-
cpe:2.3:a:sencha:ext_js:4.2.5
-
cpe:2.3:a:sencha:ext_js:5.0.0
-
cpe:2.3:a:sencha:ext_js:5.0.1
-
cpe:2.3:a:sencha:ext_js:5.1.0
-
cpe:2.3:a:sencha:ext_js:5.1.1
-
cpe:2.3:a:sencha:ext_js:5.1.2
-
cpe:2.3:a:sencha:ext_js:6.0.0
-
cpe:2.3:a:sencha:ext_js:6.0.1
-
cpe:2.3:a:sencha:ext_js:6.0.2
-
cpe:2.3:a:sencha:ext_js:6.2.0
-
cpe:2.3:a:sencha:ext_js:6.2.1
-
cpe:2.3:a:sencha:ext_js:6.5.0
-
cpe:2.3:a:sencha:ext_js:6.5.1
-
cpe:2.3:a:sencha:ext_js:6.5.3