Veracode Vulnerability Database: VERACODE:44485
History: Nov 30, 2023 - 6:51 a.m.

Template Injection

2023-11-30 06:51:35
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
template injection
october cms
vulnerability
crafted request
php code
authenticated backend user
cms template
safe mode
exploitation
malicious request

CVSS3: 4.9 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

AI Score: 7.6 High (Confidence: High)

EPSS: 0.0005 Low (Percentile: 16.1%)

October CMS is vulnerable to Template Injection. The vulnerability is caused by a crafted request that includes PHP code in a CMS template: an authenticated backend user with the editor.cms_pages, editor.cms_layouts, or editor.cms_partials permission can execute arbitrary PHP code even when cms.safe_mode is enabled. An attacker can exploit this issue by crafting a malicious request, resulting in execution of arbitrary PHP code.
