CVE-2020-9280 — Unrestricted File Upload in Assets

CWE-434 — Unrestricted File Upload3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.4%

top 40.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Silverstripe Assets Silverstripe Framework Silverstripe Userforms +1 more

Timeline

PublishedApr 15

Latest updateMay 24

Description

In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is installed and enabled by default on the Common Web Platform (CWP). The vulnerability only affects files uploaded after an upgrade to 4.x.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶Packagistsilverstripe/userforms5.0.0 — 5.4.2

▶Packagistsilverstripe/assets1.0.0 — 1.4.7+1

▶Packagistsilverstripe/framework4.0.0 — 4.4.6

▶NVDsilverstripe/silverstripe4.0.0 — 4.5.0

🔴Vulnerability Details

GHSA

SilverStripe Folders migrated from 3.x may be unsafe to upload to↗2022-05-24

▶

OSV

SilverStripe Folders migrated from 3.x may be unsafe to upload to↗2022-05-24

▶