GitHub Advisory DatabaseGHSA-3X74-V64J-QC3FWithdrawn Advisory: CraftCMS Server-Side Template Injection vulnerability
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.004 Low
EPSS
Percentile
73.6%
Withdrawn
This advisory has been withdrawn because the CVE has been disputed and the underlying vulnerability is likely invalid. This link is maintained to preserve external references.
According to maintainers of Craft CMS, only administrators can access Settings, and those administrators may have business needs for their permissions. Additionally, the underlying issue likely has little to no real-world security impact.
Original Description
CraftCMS is vulnerable to Server-Side Template Injection (SSTI). An authenticated attacker can inject Twig Template to User Photo Location field when setting User Photo Location in User Settings, lead to Remote Code Execution.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| craftcms/cms | lt | 4.4.2 |
References
datnlq.gitbook.io/cve/craft-cms/cve-2023-30179-server-side-template-injection
github.com/advisories/GHSA-3x74-v64j-qc3f
github.com/craftcms/cms/blob/develop/CHANGELOG.md#442---2023-03-14
github.com/github/advisory-database/pull/2443
github.com/github/advisory-database/pull/2443#issuecomment-1610040714
github.com/github/advisory-database/pull/2443#issuecomment-1610634200
nvd.nist.gov/vuln/detail/CVE-2023-30179
Related
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.004 Low
EPSS
Percentile
73.6%