CVE-2020-5298

In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, a user with the ability to use the import functionality of the `ImportExportController` behavior can be socially engineered by an attacker to upload a maliciously crafted CSV file which could result in a reflected XSS attack on the user in question Issue has been patched in Build 466 (v1.0.466).
Configurations

Configuration 1 (hide)

cpe:2.3:a:octobercms:october:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:33

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.html - Exploit, Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.html - Exploit, Third Party Advisory, VDB Entry
References () http://seclists.org/fulldisclosure/2020/Aug/2 - Exploit, Mailing List, Third Party Advisory () http://seclists.org/fulldisclosure/2020/Aug/2 - Exploit, Mailing List, Third Party Advisory
References () https://github.com/octobercms/october/commit/cd0b6a791f995d86071a024464c1702efc50f46c - Patch, Third Party Advisory () https://github.com/octobercms/october/commit/cd0b6a791f995d86071a024464c1702efc50f46c - Patch, Third Party Advisory
References () https://github.com/octobercms/october/security/advisories/GHSA-gg6x-xx78-448c - Patch, Third Party Advisory () https://github.com/octobercms/october/security/advisories/GHSA-gg6x-xx78-448c - Patch, Third Party Advisory
CVSS v2 : 3.5
v3 : 4.8
v2 : 3.5
v3 : 4.0

30 Jun 2022, 14:46

Type Values Removed Values Added
References (MISC) http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.html - (MISC) http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.html - Exploit, Third Party Advisory, VDB Entry
References (FULLDISC) http://seclists.org/fulldisclosure/2020/Aug/2 - (FULLDISC) http://seclists.org/fulldisclosure/2020/Aug/2 - Exploit, Mailing List, Third Party Advisory
CWE CWE-79

Information

Published : 2020-06-03 22:15

Updated : 2024-11-21 05:33


NVD link : CVE-2020-5298

Mitre link : CVE-2020-5298

CVE.ORG link : CVE-2020-5298


JSON object : View

Products Affected

octobercms

  • october
CWE
CWE-87

Improper Neutralization of Alternate XSS Syntax

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')