{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-14T04:29:57.449","vulnerabilities":[{"cve":{"id":"CVE-2020-15135","sourceIdentifier":"security-advisories@github.com","published":"2020-08-04T21:15:14.953","lastModified":"2024-11-21T05:04:55.120","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"save-server (npm package) before version 1.05 is affected by a CSRF vulnerability, as there is no CSRF mitigation (Tokens etc.). The fix introduced in version version 1.05 unintentionally breaks uploading so version v1.0.7 is the fixed version. This is patched by implementing Double submit. The CSRF attack would require you to navigate to a malicious site while you have an active session with Save-Server (Session key stored in cookies). The malicious user would then be able to perform some actions, including uploading/deleting files and adding redirects. If you are logged in as root, this attack is significantly more severe. They can in addition create, delete and update users. If they updated the password of a user, that user's files would then be available. If the root password is updated, all files would be visible if they logged in with the new password. Note that due to the same origin policy malicious actors cannot view the gallery or the response of any of the methods, nor be sure they succeeded. This issue has been patched in version 1.0.7."},{"lang":"es","value":"save-server (paquete npm) anterior a la versión 1.05, está afectada por una vulnerabilidad de tipo CSRF, ya que no hay mitigación de CSRF (tokens, etc.). La corrección introducida en la versión 1.05 bloquea involuntariamente la carga, por lo que la versión v1.0.7 es la versión corregida. Esto es parcheado mediante la implementación de envío Doble. El ataque de tipo CSRF requeriría que navegues en un sitio malicioso mientras tienes una sesión activa con Save-Server (clave de sesión almacenada en las cookies). El usuario malicioso podría realizar algunas acciones, incluyendo la carga y eliminación de archivos y la adición de redireccionamientos. Si ha iniciado sesión como root, este ataque es significativamente más severo. Adicionalmente, pueden crear, eliminar y actualizar usuarios. Si actualizaran la contraseña de un usuario, los archivos de ese usuario estarían disponibles. Si se actualiza la contraseña de root, todos los archivos serían visibles si iniciaran sesión con la nueva contraseña. Tome cuenta que debido a la política del mismo origen, los actores maliciosos no pueden ver la galería ni la respuesta de ninguno de los métodos, ni asegurarse de que hayan tenido éxito. Este problema ha sido parcheado en la versión 1.0.7"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.1,"impactScore":5.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:save-server_project:save-server:*:*:*:*:*:node.js:*:*","versionEndExcluding":"1.0.5","matchCriteriaId":"137FD172-368B-4855-AB15-7C7B24ECBF96"}]}]}],"references":[{"url":"https://github.com/Neztore/save-server/security/advisories/GHSA-wwrj-35w6-77ff","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://medium.com/cross-site-request-forgery-csrf/double-submit-cookie-pattern-65bb71d80d9f","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.npmjs.com/package/save-server","source":"security-advisories@github.com","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/Neztore/save-server/security/advisories/GHSA-wwrj-35w6-77ff","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://medium.com/cross-site-request-forgery-csrf/double-submit-cookie-pattern-65bb71d80d9f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.npmjs.com/package/save-server","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]}]}}]}