In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, a user with the ability to use the import functionality of the `ImportExportController` behavior can be socially engineered by an attacker to upload a maliciously crafted CSV file which could result in a reflected XSS attack on the user in question Issue has been patched in Build 466 (v1.0.466).
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2020/Aug/2 | Exploit Mailing List Third Party Advisory |
https://github.com/octobercms/october/commit/cd0b6a791f995d86071a024464c1702efc50f46c | Patch Third Party Advisory |
https://github.com/octobercms/october/security/advisories/GHSA-gg6x-xx78-448c | Patch Third Party Advisory |
http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2020/Aug/2 | Exploit Mailing List Third Party Advisory |
https://github.com/octobercms/october/commit/cd0b6a791f995d86071a024464c1702efc50f46c | Patch Third Party Advisory |
https://github.com/octobercms/october/security/advisories/GHSA-gg6x-xx78-448c | Patch Third Party Advisory |
Configurations
History
21 Nov 2024, 05:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.html - Exploit, Third Party Advisory, VDB Entry | |
References | () http://seclists.org/fulldisclosure/2020/Aug/2 - Exploit, Mailing List, Third Party Advisory | |
References | () https://github.com/octobercms/october/commit/cd0b6a791f995d86071a024464c1702efc50f46c - Patch, Third Party Advisory | |
References | () https://github.com/octobercms/october/security/advisories/GHSA-gg6x-xx78-448c - Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 4.0 |
30 Jun 2022, 14:46
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/158730/October-CMS-Build-465-XSS-File-Read-File-Deletion-CSV-Injection.html - Exploit, Third Party Advisory, VDB Entry | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2020/Aug/2 - Exploit, Mailing List, Third Party Advisory | |
CWE | CWE-79 |
Information
Published : 2020-06-03 22:15
Updated : 2024-11-21 05:33
NVD link : CVE-2020-5298
Mitre link : CVE-2020-5298
CVE.ORG link : CVE-2020-5298
JSON object : View
Products Affected
octobercms
- october