Veracode Vulnerability Database: VERACODE:46314
History: Apr 10, 2024 - 10:32 a.m.

File Upload Injection

2024-04-10 10:32:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
Tags: vulnerability, filenames, upload, code execution, tooltips, popups, back end

CVSS3: 5.4 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score: 7.5 High (Confidence: High)

EPSS: 0.0004 Low (Percentile: 15.5%)

contao/core-bundle is vulnerable to File Upload Injection. The vulnerability is due to inadequate sanitization of filenames during the upload process, which allows users to inject malicious code in filenames, leading to code execution in tooltips and popups in the back end.
