GHSA-wppf-gqj5-fc4f
Suggest an improvement- Source
- https://github.com/advisories/GHSA-wppf-gqj5-fc4f
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/03/GHSA-wppf-gqj5-fc4f/GHSA-wppf-gqj5-fc4f.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-wppf-gqj5-fc4f
- Aliases
- Published
- 2025-03-05T18:31:35Z
- Modified
- 2025-03-05T19:45:42.829389Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- REDAXO allows Arbitrary File Upload in the mediapool page
- Details
-
Summary
An arbitrary file upload vulnerability was identified in the redaxo. This flaw permits users to upload malicious files, which can lead to JavaScript code execution and distribute malware.
Details
On the latest version of Redaxo, v5.18.2, the mediapool/media page is vulnerable to arbitrary file upload.
PoC
- Log in to the portal then navigate to
Mediapool. - Upload a png file (ex: poc.png)
- Intercept the upload HTTP request on burp suite and change
filename: poc.1html,Content-Type:image/htmland insert the malicious html code. (ex:<IFRAME SRC="javascript:alert(1);"></IFRAME>)
Forward the request.
Navigate to the file.
Impact
Exploiting an arbitrary file upload vulnerability enables attackers to execute malicious code on a server.
- Log in to the portal then navigate to
- Database specific
{ "nvd_published_at": "2025-03-05T16:15:40Z", "cwe_ids": [ "CWE-434" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2025-03-05T18:31:35Z" }- References
Affected packages
Packagist / redaxo/source
Package
- Name
- redaxo/source
- Purl
- pkg:composer/redaxo/source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.18.3
Affected versions
5.*
5.10.0-beta1
5.10.0-beta2
5.10.0
5.10.1
5.11.0-beta1
5.11.0
5.11.1
5.11.2
5.12.0-beta1
5.12.0-beta2
5.12.0-beta3
5.12.0
5.12.1
5.13.0-beta1
5.13.0-beta2
5.13.0
5.13.1
5.13.2
5.13.3
5.14.0-beta1
5.14.0-beta2
5.14.0
5.14.1
5.14.2
5.14.3
5.15.0-beta1
5.15.0
5.15.1
5.16.0-beta1
5.16.0
5.16.1
5.17.0
5.17.1
5.18.0
5.18.1
5.18.2