CVE-2020-9309Unrestricted File Upload in Mimevalidator

CWE-434Unrestricted File Upload3 documents3 sources
Severity
8.8HIGHNVD
EPSS
0.7%
top 27.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Silverstripe MimevalidatorSilverstripe RecipeSilverstripe CMS
Timeline
PublishedJul 15
Latest updateMay 24

Description

Silverstripe CMS through 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions (for example HTML code in a TXT file). When these files are stored as protected or draft files, the MIME detection can cause browsers to execute the file contents. Uploads stored as protected or draft files are allowed by default for authorised users only, but can also be enabled through custom logic as well as modules such as silverstripe/userforms. Sites using the pr

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

NVDsilverstripe/recipe4.0.04.6.0
Packagistsilverstripe/cms4.5.0

🔴Vulnerability Details

2
GHSA
Silverstripe CMS malicious file upload enables script execution2022-05-24
OSV
Silverstripe CMS malicious file upload enables script execution2022-05-24