Lucene search

MitreCVELIST:CVE-2023-50982

HistoryJan 08, 2024 - 12:00 a.m.

CVE-2023-50982

2024-01-0800:00:00

mitre

www.cve.org

stud.ip 5.x

xss

remote code execution

remote command execution

www-data user

file upload

security vulnerability

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.001

Percentile

45.5%

JSON

Stud.IP 5.x through 5.3.3 allows XSS with resultant upload of executable files, because upload_action and edit_action in Admin_SmileysController do not check the file extension. This leads to remote code execution with the privileges of the www-data user. The fixed versions are 5.3.4, 5.2.6, 5.1.7, and 5.0.9.

References

gitlab.studip.de/studip/studip/-/tags

rehmeinfosec.de/labor/cve-2023-50982

sourceforge.net/projects/studip/files/Stud.IP/5.4/

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.001

Percentile

45.5%

JSON

Related for CVELIST:CVE-2023-50982