Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-XWV6-V7QX-F5JC
HistoryFeb 19, 2022 - 12:01 a.m.

Code injection in ezsystems/ezpublish-kernel

2022-02-1900:01:25
Google
osv.dev
13
code injection
image files
access control

EPSS

0.002

Percentile

58.3%

JSON

When image files are uploaded, they are made accessible under a name similar to the original file name. There are two issues with this. Both require access to uploading images in order to exploit them, this limits the impact. The first issue is that certain injection attacks can be possible, since not all possible attack vectors are removed from the original file name.

The second issue is that direct access to the images is not access controlled. This is by design, for performance reasons, and documented as such. But it does mean that images not meant to be publicly accessible can be accessed, provided that the image path and filename is correctly deduced and/or guessed, through dictionary attacks and similar.

Related

nvd 1
prion 1
cvelist 1
cve 1
github 1
nvd
nvd
CVE-2022-25337
2022-02-18 18:15:13
prion
prion
Design/Logic Flaw
2022-02-18 18:15:00
cvelist
cvelist
CVE-2022-25337
2022-02-18 17:48:48
cve
cve
CVE-2022-25337
2022-02-18 18:15:13
github
github
Code injection in ezsystems/ezpublish-kernel
2022-02-19 00:01:25

EPSS

0.002

Percentile

58.3%

JSON
Related for OSV:GHSA-XWV6-V7QX-F5JC
nvd1prion1cvelist1cve1github1