CVE-2023-4220

Опубликовано: 28 нояб. 2023

Источник: nvd

CVSS3: 8.1

CVSS3: 6.1

EPSS Критический

Описание

Unrestricted file upload in big file upload functionality in /main/inc/lib/javascript/bigupload/inc/bigUpload.php in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.

Ссылки

https://github.com/chamilo/chamilo-lms/commit/3b487a55076fb06f96809b790a35dcdd42f8ec49
Patch
https://starlabs.sg/advisories/23/23-4220
Exploit
Third Party Advisory
https://support.chamilo.org/projects/chamilo-18/wiki/security_issues#Issue-130-2023-09-04-Critical-impact-High-risk-Unauthenticated-users-may-gain-XSS-and-unauthenticated-RCE-CVE-2023-4220
Issue Tracking
Vendor Advisory
https://github.com/chamilo/chamilo-lms/commit/3b487a55076fb06f96809b790a35dcdd42f8ec49
Patch
https://starlabs.sg/advisories/23/23-4220
Exploit
Third Party Advisory
https://support.chamilo.org/projects/chamilo-18/wiki/security_issues#Issue-130-2023-09-04-Critical-impact-High-risk-Unauthenticated-users-may-gain-XSS-and-unauthenticated-RCE-CVE-2023-4220
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:chamilo:chamilo_lms:*:*:*:*:*:*:*:*

Версия до 1.11.24 (включая)

EPSS

Процентиль: 100%

0.93271

Критический

8.1 High

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-434

CWE-79

Связанные уязвимости

GHSA-9wc2-3gq5-2f4c

CVSS3: 8.1

github

около 2 лет назад

Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.

EPSS

Процентиль: 100%

0.93271

Критический

8.1 High

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-434

CWE-79