CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-12882

Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.1%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2020-12882

Rcos » Submitty » Version: 0.1.1

cpe:2.3:a:rcos:submitty:0.1.1
Rcos » Submitty » Version: 0.2.0

cpe:2.3:a:rcos:submitty:0.2.0
Rcos » Submitty » Version: 0.2.1

cpe:2.3:a:rcos:submitty:0.2.1
Rcos » Submitty » Version: 0.3..0

cpe:2.3:a:rcos:submitty:0.3..0
Rcos » Submitty » Version: 0.3.0.1

cpe:2.3:a:rcos:submitty:0.3.0.1
Rcos » Submitty » Version: 0.4.0

cpe:2.3:a:rcos:submitty:0.4.0
Rcos » Submitty » Version: 0.4.1

cpe:2.3:a:rcos:submitty:0.4.1
Rcos » Submitty » Version: 0.4.2

cpe:2.3:a:rcos:submitty:0.4.2
Rcos » Submitty » Version: 0.4.2.1

cpe:2.3:a:rcos:submitty:0.4.2.1
Rcos » Submitty » Version: 0.4.3

cpe:2.3:a:rcos:submitty:0.4.3
Rcos » Submitty » Version: 0.4.3.1

cpe:2.3:a:rcos:submitty:0.4.3.1
Rcos » Submitty » Version: 1.0

cpe:2.3:a:rcos:submitty:1.0
Rcos » Submitty » Version: 1.0..3

cpe:2.3:a:rcos:submitty:1.0..3
Rcos » Submitty » Version: 1.0.0

cpe:2.3:a:rcos:submitty:1.0.0
Rcos » Submitty » Version: 1.0.1

cpe:2.3:a:rcos:submitty:1.0.1
Rcos » Submitty » Version: 1.0.2

cpe:2.3:a:rcos:submitty:1.0.2
Rcos » Submitty » Version: 1.1.0

cpe:2.3:a:rcos:submitty:1.1.0
Rcos » Submitty » Version: 18.06.00

cpe:2.3:a:rcos:submitty:18.06.00
Rcos » Submitty » Version: 19.06.00

cpe:2.3:a:rcos:submitty:19.06.00
Rcos » Submitty » Version: 19.06.01

cpe:2.3:a:rcos:submitty:19.06.01
Rcos » Submitty » Version: 19.06.02

cpe:2.3:a:rcos:submitty:19.06.02
Rcos » Submitty » Version: 19.07.00

cpe:2.3:a:rcos:submitty:19.07.00
Rcos » Submitty » Version: 19.07.01

cpe:2.3:a:rcos:submitty:19.07.01
Rcos » Submitty » Version: 19.08.00

cpe:2.3:a:rcos:submitty:19.08.00
Rcos » Submitty » Version: 19.08.01

cpe:2.3:a:rcos:submitty:19.08.01
Rcos » Submitty » Version: 19.08.02

cpe:2.3:a:rcos:submitty:19.08.02
Rcos » Submitty » Version: 19.08.03

cpe:2.3:a:rcos:submitty:19.08.03
Rcos » Submitty » Version: 19.08.04

cpe:2.3:a:rcos:submitty:19.08.04
Rcos » Submitty » Version: 19.08.05

cpe:2.3:a:rcos:submitty:19.08.05
Rcos » Submitty » Version: 19.09.00

cpe:2.3:a:rcos:submitty:19.09.00
Rcos » Submitty » Version: 19.09.01

cpe:2.3:a:rcos:submitty:19.09.01
Rcos » Submitty » Version: 19.09.02

cpe:2.3:a:rcos:submitty:19.09.02
Rcos » Submitty » Version: 19.09.03

cpe:2.3:a:rcos:submitty:19.09.03
Rcos » Submitty » Version: 19.09.04

cpe:2.3:a:rcos:submitty:19.09.04
Rcos » Submitty » Version: 19.09.05

cpe:2.3:a:rcos:submitty:19.09.05
Rcos » Submitty » Version: 19.10.00

cpe:2.3:a:rcos:submitty:19.10.00
Rcos » Submitty » Version: 19.10.01

cpe:2.3:a:rcos:submitty:19.10.01
Rcos » Submitty » Version: 19.10.02

cpe:2.3:a:rcos:submitty:19.10.02
Rcos » Submitty » Version: 19.11.00

cpe:2.3:a:rcos:submitty:19.11.00
Rcos » Submitty » Version: 19.12.00

cpe:2.3:a:rcos:submitty:19.12.00
Rcos » Submitty » Version: 20.01.00

cpe:2.3:a:rcos:submitty:20.01.00
Rcos » Submitty » Version: 20.01.01

cpe:2.3:a:rcos:submitty:20.01.01
Rcos » Submitty » Version: 20.01.02

cpe:2.3:a:rcos:submitty:20.01.02
Rcos » Submitty » Version: 20.02.00

cpe:2.3:a:rcos:submitty:20.02.00
Rcos » Submitty » Version: 20.02.01

cpe:2.3:a:rcos:submitty:20.02.01
Rcos » Submitty » Version: 20.02.02

cpe:2.3:a:rcos:submitty:20.02.02
Rcos » Submitty » Version: 20.03.00

cpe:2.3:a:rcos:submitty:20.03.00
Rcos » Submitty » Version: 20.03.01

cpe:2.3:a:rcos:submitty:20.03.01
Rcos » Submitty » Version: 20.03.02

cpe:2.3:a:rcos:submitty:20.03.02
Rcos » Submitty » Version: 20.03.03

cpe:2.3:a:rcos:submitty:20.03.03
Rcos » Submitty » Version: 20.03.04

cpe:2.3:a:rcos:submitty:20.03.04
Rcos » Submitty » Version: 20.04.00

cpe:2.3:a:rcos:submitty:20.04.00
Rcos » Submitty » Version: 20.04.01

cpe:2.3:a:rcos:submitty:20.04.01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-12882

Products

Pricing

Contact Us