Cross-Site Scripting Vulnerability in Central Dogma by LINE Corporation
CVE-2019-6002

6.1MEDIUM

Key Information:

Vendor: Line Corporation
Status: Central Dogma
Vendor: CVE Published:; 26 July 2019

🔔 Create Line Corporation Vulnerability Alert

What is CVE-2019-6002?

A Cross-Site Scripting vulnerability in the Central Dogma application, versions 0.17.0 to 0.40.1, permits remote attackers to execute arbitrary web scripts or inject HTML through unspecified vectors. This flaw can compromise the integrity of web applications by allowing malicious users to manipulate the behavior of legitimate users, posing significant risks to data security and privacy.

Affected Version(s)

Central Dogma 0.17.0 to 0.40.1

References

https://github.com/line/centraldogma/releases/tag/central...

x_refsource_MISC

http://jvn.jp/en/jp/JVN94889214/index.html

third-party-advisoryx_refsource_JVN

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 26, 2019
Vulnerability Reserved
Jan 10, 2019