8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
0.001 Low
EPSS
Percentile
46.1%
kiwitcms is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists due to a lack of file content validation in the deny_uploads_containing_script_tag
function of validators.py
, which allows an attacker to inject arbitrary JavaScript code into a victim’s browser.
github.com/kiwitcms/Kiwi/blob/master/etc/nginx.conf#L66-L68
github.com/kiwitcms/Kiwi/blob/master/etc/nginx.conf#L87
github.com/kiwitcms/Kiwi/commit/d789f4b51025de4f8c747c037d02e1b0da80b034
github.com/kiwitcms/Kiwi/security/advisories/GHSA-2fqm-m4r2-fh98
huntr.dev/bounties/6aea9a26-e29a-467b-aa5a-f767f0c2ec96/