Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-qw4h-3xjj-84cc

Опубликовано: 01 дек. 2023
Источник: github
Github: Прошло ревью
CVSS3: 7.5

Описание

Apache Tiles: Unvalidated input may lead to path traversal and XXE

The value set as the DefaultLocaleResolver.LOCALE_KEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key. Passing user-controlled data to this key may be relatively common, as it was also used like that to set the language in the 'tiles-test' application shipped with Tiles.

This issue affects Apache Tiles from version 2 onwards.

NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Ссылки

Пакеты

Наименование

org.apache.tiles:tiles-core

maven
Затронутые версииВерсия исправления

>= 2.0.0

Отсутствует

Наименование

org.apache.struts:struts-tiles

maven
Затронутые версииВерсия исправления

>= 1.3.0, <= 1.3.10

Отсутствует

Наименование

struts:struts

maven
Затронутые версииВерсия исправления

>= 1.1, <= 1.2.9

Отсутствует

EPSS

Процентиль: 75%
0.00856
Низкий

7.5 High

CVSS3

CVE ID

CVE-2023-49735

Дефекты

CWE-22
CWE-776

Связанные уязвимости

ubuntu логотип

CVE-2023-49735

CVSS3: 7.5
ubuntu
около 2 лет назад

** UNSUPPORTED WHEN ASSIGNED ** The value set as the DefaultLocaleResolver.LOCALE_KEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key. Passing user-controlled data to this key may be relatively common, as it was also used like that to set the language in the 'tiles-test' application shipped with Tiles. This issue affects Apache Tiles from version 2 onwards. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

nvd логотип

CVE-2023-49735

CVSS3: 7.5
nvd
около 2 лет назад

** UNSUPPORTED WHEN ASSIGNED ** The value set as the DefaultLocaleResolver.LOCALE_KEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key. Passing user-controlled data to this key may be relatively common, as it was also used like that to set the language in the 'tiles-test' application shipped with Tiles. This issue affects Apache Tiles from version 2 onwards. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

debian логотип

CVE-2023-49735

CVSS3: 7.5
debian
около 2 лет назад

** UNSUPPORTED WHEN ASSIGNED ** The value set as the DefaultLocaleRes ...

EPSS

Процентиль: 75%
0.00856
Низкий

7.5 High

CVSS3

CVE ID

CVE-2023-49735

Дефекты

CWE-22
CWE-776