GHSA-958r-g534-ccmr

Source

https://github.com/advisories/GHSA-958r-g534-ccmr

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/07/GHSA-958r-g534-ccmr/GHSA-958r-g534-ccmr.json

Aliases

CVE-2019-9845

Published

2019-07-05T21:11:13Z

Modified

2024-02-19T05:32:27.163063Z

Details

madskristensen Miniblog.Core through 2019-01-16 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in Controllers/BlogController.cs writes a decoded base64 string to a file without validating the extension.

References

https://nvd.nist.gov/vuln/detail/CVE-2019-9845
https://github.com/advisories/GHSA-958r-g534-ccmr
https://github.com/madskristensen/Miniblog.Core
https://github.com/madskristensen/Miniblog.Core/blob/master/src/Controllers/BlogController.cs#L142
https://rastating.github.io/miniblog-remote-code-execution

Affected packages

NuGet / MadsKristensen.AspNetCore.Miniblog

Package

Name: MadsKristensen.AspNetCore.Miniblog

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Last affected

1.0.3

Affected versions

1.*

1.0.0

1.0.1

1.0.2

1.0.3