Lucene search

K

GoogleOSV:GHSA-WV28-7FPW-FJ49

HistoryMar 27, 2024 - 6:30 a.m.

Lektor does not sanitize database path traversal

2024-03-2706:30:33

Google

osv.dev

1

lektor

database

path traversal

shell command

vulnerability

security risk

web browser

javascript

localhost

server

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates directory, if the victim’s web browser accesses an untrusted website that uses JavaScript to send requests to localhost port 5000, and the web browser is running on the same machine as the “lektor server” command.

CPENameOperatorVersion
lektoreq1.2
lektoreq3.0
lektoreq3.3.10
lektoreq2.1
lektoreq3.4.0b1
lektoreq1.1
lektoreq2.2
lektoreq3.4.0b7
lektoreq3.4.0b8
lektoreq3.4.0b6

Rows per page:

1-10 of 421

References

brave.com/privacy-updates/27-localhost-permission

cxsecurity.com/issue/WLB-2024030043

getlektor.com/docs/quickstart

github.com/lektor/lektor/commit/7393d87bd354e43120937789956175064e4610a0

github.com/lektor/lektor/pull/1179/commits/8f38b9713d152622b69ff5e3b1e6a0d7bb7fa800

github.com/lektor/lektor/releases/tag/v3.3.11

github.com/pypa/advisory-database/tree/main/vulns/lektor/PYSEC-2024-49.yaml

nvd.nist.gov/vuln/detail/CVE-2024-28335

packetstormsecurity.com/files/177708/Lektor-Static-CMS-3.3.10-Arbitrary-File-Upload-Remote-Code-Execution.html

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

Related for OSV:GHSA-WV28-7FPW-FJ49

ubuntucve1 cvelist1 cve1 veracode1 nvd1 osv1 github1