a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below.
Stored cross-site scripting vulnerability in Entry editing pages (CWE-79) CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score 5.4 CVE-2024-30419Server-side request forgery (CWE-918)CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N Base Score 4.4 CVE-2024-30420Directory traversal (CWE-22)CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Base Score 6.5 CVE-2024-31394Stored cross-site scripting vulnerability in Schedule labeling pages (CWE-79)CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score 5.4 CVE-2024-31395Code injection (CWE-94) CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score 6.6 CVE-2024-31396
Impact
- A user with a contributor or higher privilege who can log in to the product may execute an arbitrary script on the web browser of the user who accessed the website using the product (CVE-2024-30419)
- A user with an administrator or higher privilege who can log in to the product may obtain arbitrary files on the server and information on the internal server that is not disclosed to the public (CVE-2024-30420)
- A user with an editor or higher privilege who can log in to the product may obtain arbitrary files on the server (CVE-2024-31394)
- A user with an editor or higher privilege who can log in to the product may execute an arbitrary script on the web browser of the user who accessed the schedule management page (CVE-2024-31395)
- A user with an administrator or higher privilege who can log in to the product may execute an arbitrary command on the server (CVE-2024-31396)
Solution
Update the Software
Update the software to the latest version according to the information provided by the developer.
Apply the workaround
For CVE-2024-30420, CVE-2024-31394, CVE-2024-31395, and CVE-2024-31396 vulnerabilities, the developer also recommends applying workarounds to mitigate the impacts of these vulnerabilities.
For more information, refer to the information provided by the developer.
Products Affected
CVE-2024-30419, CVE-2024-31394, CVE-2024-31395
- a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12
- a-blog cms Ver.3.0.x series versions prior to Ver.3.0.32
- a-blog cms Ver.2.11.x series versions prior to Ver.2.11.61
- a-blog cms Ver.2.10.x series versions prior to Ver.2.10.53
According to the developer, a-blog cms Ver.2.9 and earlier versions, which are now unsupported, are affected by the vulnerabilities as well.
CVE-2024-30420, CVE-2024-31396
- a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12
- a-blog cms Ver.3.0.x series versions prior to Ver.3.0.32