Vulnerability Details : CVE-2023-23937
Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. The upload functionality for updating the user profile does not properly validate the file content-type, allowing any authenticated user to bypass this security check by adding a valid signature (e.g. GIF89) and sending any invalid content-type. This could allow an authenticated attacker to upload HTML files with JS content that will be executed in the context of the domain. This issue has been patched in version 10.5.16.
Products affected by CVE-2023-23937
- cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-23937
- EPSS score: 0.05% (probability of exploitation activity in the next 30 days)
- Percentile: ~23% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2023-23937
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N | 2.8 | 2.5 | NIST | |
8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 3.9 | 4.2 | GitHub, Inc. | |
CWE ids for CVE-2023-23937
- The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. Assigned by: security-advisories@github.com (Primary)
References for CVE-2023-23937
- https://github.com/pimcore/pimcore/security/advisories/GHSA-8xv4-jj4h-qww6
  Missing file upload type validation in user profile · Advisory · pimcore/pimcore · GitHub (Patch; Vendor Advisory)
- https://github.com/pimcore/pimcore/commit/75a448ef8ac74424cf4e723afeb6d05f9eed872f
  [Task]: Mime type check on Profile Avatar upload (#14125) · pimcore/pimcore@75a448e · GitHub (Patch)