CVE-2024-39318

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-39318
The Ibexa Admin UI Bundle contains all the necessary parts to run the Ibexa DXP Back Office interface. The file upload widget is vulnerable to XSS payloads in filenames. Access permission to upload files is required. As such, in most cases only authenticated editors and administrators will have the required permission. It is not persistent, i.e. the payload is only executed during the upload. In effect, an attacker will have to trick an editor/administrator into uploading a strangely named file.

5.4 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://developers.ibexa.co/security-advisories/ibexa-sa-2024-004-dom-based-xss-in-file-upload
https://github.com/ezsystems/ezplatform-admin-ui/commit/7a9f991b200fa5a03d49cd07f50577c8bc90a30b
https://github.com/ezsystems/ezplatform-admin-ui/security/advisories/GHSA-gc5h-6jx9-q2qh
https://github.com/ibexa/admin-ui/commit/8dc413fad1045fcfbe65dbcb0bea8516accc4c3e
https://github.com/ibexa/admin-ui/security/advisories/GHSA-qm44-wjm2-pr59
Configurations

No configuration.

History

01 Aug 2024, 12:42

Type Values Removed Values Added
Summary
  • (es) El paquete Ibexa Admin UI Bundle contiene todas las piezas necesarias para ejecutar la interfaz de Back Office de Ibexa DXP. El widget de carga de archivos es vulnerable a los payloads XSS en los nombres de archivos. Se requiere permiso de acceso para cargar archivos. Como tal, en la mayoría de los casos sólo los editores y administradores autenticados tendrán el permiso requerido. No es persistente, es decir, el payload sólo se ejecuta durante la carga. En efecto, un atacante tendrá que engañar a un editor/administrador para que cargue un archivo con un nombre extraño.

31 Jul 2024, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-31 16:15

Updated : 2024-08-01 12:42

NVD link : CVE-2024-39318

Mitre link : CVE-2024-39318

CVE.ORG link : CVE-2024-39318

JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')