Vulnerability Details : CVE-2023-28458
pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Organizers can trigger the overwriting (with the standard pretalx 404 page content) of an arbitrary file.
Vulnerability category: Directory traversal
Products affected by CVE-2023-28458
- cpe:2.3:a:pretalx:pretalx:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-28458
0.12%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 45 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-28458
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
2.8
|
1.4
|
NIST |
CWE ids for CVE-2023-28458
-
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-28458
-
https://github.com/pretalx/pretalx/releases/tag/v2.3.2
Release v2.3.2 · pretalx/pretalx · GitHubRelease Notes
-
https://pretalx.com/p/news/security-release-232/
pretalx — Security release v2.3.2Vendor Advisory
-
https://github.com/pretalx/pretalx/commit/60722c43cf975f319e94102e6bff320723776890
Fix path traversal in static HTML export · pretalx/pretalx@60722c4 · GitHubPatch
-
https://www.sonarsource.com/blog/pretalx-vulnerabilities-how-to-get-accepted-at-every-conference/
Pretalx Vulnerabilities: How to get accepted at every conference | SonarExploit;Patch;Third Party Advisory
Jump to