CVE-2023-45809

Wagtail is an open source content management system built on Django. A user with a limited-permission editor account for the Wagtail admin can make a direct URL request to the admin view that handles bulk actions on user accounts. While authentication rules prevent the user from making any changes, the error message discloses the display names of user accounts, and by modifying URL parameters, the user can retrieve the display name for any user. The vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin. Patched versions have been released as Wagtail 4.1.8 (LTS), 5.0.5 and 5.1.3. The fix is also included in Release Candidate 1 of the forthcoming Wagtail 5.2 release. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:torchbox:wagtail:*:*:*:*:*:*:*:*
cpe:2.3:a:torchbox:wagtail:*:*:*:*:*:*:*:*
cpe:2.3:a:torchbox:wagtail:*:*:*:*:*:*:*:*

History

28 Dec 2023, 18:58

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-19 19:15

Updated : 2024-02-05 00:01


NVD link : CVE-2023-45809

Mitre link : CVE-2023-45809

CVE.ORG link : CVE-2023-45809


JSON object : View

Products Affected

torchbox

  • wagtail
CWE
CWE-532

Insertion of Sensitive Information into Log File

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-425

Direct Request ('Forced Browsing')