PT-2022-6872 · Unknown+2 · Impresscms+2

Rekter0 · Published 2022-02-13 · Updated 2022-02-24 · CVE-2022-24977

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

ImpressCMS versions prior to 1.4.2

Description

The issue is related to insufficient restrictions on the directory path name in the processImage.php component of the ImpressCMS system. This can be exploited by a remote attacker to execute arbitrary code. The vulnerability involves directory traversal in the origName or imageName parameters, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHP_SESSION_UPLOAD_PROGRESS when the PHP installation supports upload progress.

Recommendations

For versions prior to 1.4.2, update to version 1.4.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the processImage.php script and disabling the use of the origName and imageName parameters in the CKEditor script until a patch is available. Avoid using the PHP_SESSION_UPLOAD_PROGRESS variable in the affected API endpoint until the issue is resolved.
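
The weakness described above is a client-supplied file name (origName, imageName) reaching the file system without being confined to one directory. The following is an added example, not ImpressCMS code and not the 1.4.2 patch: a hypothetical resolveImagePath() helper that allowlists the name and then checks the canonical path. The function name, the extension list and the sample directory are assumptions.

```php
<?php
declare(strict_types=1);

/**
 * Resolve a client-supplied image name to a path inside $baseDir, or return
 * null if the name could escape it. Hypothetical helper, not ImpressCMS code.
 */
function resolveImagePath(string $baseDir, string $name): ?string
{
    // Allowlist: one plain file name with an image extension (assumed list).
    // Separators, NUL bytes, leading dots and ".." never match, so nothing
    // has to be stripped or "cleaned" before the name is used.
    if (!preg_match('/\A[A-Za-z0-9][A-Za-z0-9_-]{0,63}\.(?:jpe?g|png|gif)\z/i', $name)) {
        return null;
    }

    $base = realpath($baseDir);
    if ($base === false) {
        return null; // base directory missing or unreadable
    }

    // Canonicalise the final path as well, so a symlink placed inside the
    // directory cannot redirect the result somewhere else.
    $real = realpath($base . DIRECTORY_SEPARATOR . $name);
    if ($real === false || dirname($real) !== $base) {
        return null; // file does not exist or resolved outside $base
    }
    return $real;
}

// Constructed sample input: a temporary directory holding one image file.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'imgdemo_' . bin2hex(random_bytes(4));
mkdir($dir, 0700);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'photo.png', 'constructed');

$samples = ['photo.png', '../photo.png', '..\\..\\photo.png', 'sub/photo.png',
            "photo.png\0.php", 'photo.php', '.htaccess', 'missing.png'];
foreach ($samples as $name) {
    $result = resolveImagePath($dir, $name);
    printf("%-24s => %s\n", json_encode($name, JSON_UNESCAPED_SLASHES),
        $result === null ? 'rejected' : 'accepted');
}

// Remove the constructed sample files again.
unlink($dir . DIRECTORY_SEPARATOR . 'photo.png');
rmdir($dir);
```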

Exploit · Fix · RCE · Path traversal


Weakness Enumeration

Related Identifiers

BDU:2023-05264
CVE-2022-24977
GHSA-389P-FCHR-Q2MG

Affected Products

Ckeditor
Impresscms
Php