6.1

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-36644

GHSA ID

GHSA-p33q-4h4m-j994

EPSS Score

0.292%

CWE

CWE-79

Published

1/7/2023

Updated

10/20/2023

KEV Status

Technology

Ruby

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-36644

CVE-2020-36644: Inline SVG vulnerable to Cross-site Scripting

A vulnerability has been found in jamesmartin Inline SVG up to 1.7.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file lib/inline_svg/action_view/helpers.rb of the component URL Parameter Handler. The manipulation of the argument filename leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.7.2 is able to address this issue. The name of the patch is f5363b351508486021f99e083c92068cf2943621. It is recommended to upgrade the affected component. The identifier VDB-217597 was assigned to this vulnerability.

(GitHub Advisory)

6.1

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-36644

GHSA ID

GHSA-p33q-4h4m-j994

EPSS Score

0.292%

CWE

CWE-79

Published

1/7/2023

Updated

10/20/2023

KEV Status

Technology

Ruby

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
inline_svg	rubygems	< 1.7.2	1.7.2

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from the unescaped filename parameter in the placeholder method. The commit diff shows the fix adds ERB::Util.html_escape_once to sanitize the filename. This function constructs error messages displayed in HTML comments, and prior to patching, user-controlled input (filename) was directly embedded without sanitization, enabling XSS when the SVG file wasn't found. The added spec test explicitly verifies escaping of malicious input in this context.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* vuln*r**ility **s ***n *oun* in j*m*sm*rtin Inlin* SV* up to *.*.* *n* *l*ssi*i** *s pro*l*m*ti*. *****t** *y t*is vuln*r**ility is *n unknown *un*tion*lity o* t** *il* `li*/inlin*_sv*/**tion_vi*w/**lp*rs.r*` o* t** *ompon*nt `URL P*r*m*t*r **n*l*r

Reasoning

T** vuln*r**ility st*ms *rom t** un*s**p** *il*n*m* p*r*m*t*r in t** pl****ol**r m*t*o*. T** *ommit *i** s*ows t** *ix ***s *R*::Util.*tml_*s**p*_on** to s*nitiz* t** *il*n*m*. T*is *un*tion *onstru*ts *rror m*ss***s *ispl*y** in *TML *omm*nts, *n* p

6.1

Basic Information

Concerned about an active attack path?

CVE-2020-36644: Inline SVG vulnerable to Cross-site Scripting

6.1

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI