PT-2023-21219 · Flarum · Flarum

Sycho9

·

Published

2023-03-10

·

Updated

2026-05-08

·

CVE-2023-27577

CVSS v3.1

6.6

Medium

Vector AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions: Flarum versions prior to 1.7.0
Description: The issue affects the LESS parser in Flarum, allowing an attacker with a compromised admin account to read sensitive files on the server using path traversal techniques. This can be achieved by providing an absolute path to a sensitive file in the custom LESS setting. The scope of readable files depends on the permissions granted to the running Flarum process. For example, an attacker could use the following code to read the contents of the /etc/passwd file on a Linux machine.
Recommendations: To resolve the issue, upgrade to version 1.7.0. For users unable to upgrade, ensure admin accounts are secured with strong passwords and follow best practices for account security. Additionally, limit the exposure of sensitive files on the server by implementing appropriate file permissions and access controls at the operating-system level.
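Added illustration (not Flarum's code and not the fix shipped in 1.7.0): a Python check that scans an admin-supplied custom LESS string for @import targets and rejects absolute paths, `..` traversal that escapes a configured assets root, and URL or scheme imports (the SSRF variant the tags on this page refer to). The assets root, the sample LESS and the regex are assumptions constructed for the example; Flarum compiles LESS with a PHP library, so this models the check a practitioner would apply before compilation, not the project's implementation.

```python
import posixpath
import re
from urllib.parse import urlsplit

# Hypothetical directory from which custom LESS is allowed to import.
ASSETS_ROOT = "/var/www/flarum/public/assets"

# Matches the target of a LESS @import, with or without an option list
# such as "(inline)" and with or without a url() wrapper, e.g.
#   @import (inline) "/etc/passwd";
#   @import url("http://169.254.169.254/latest/meta-data/");
IMPORT_RE = re.compile(
    r'@import\s*(?:\([^)]*\)\s*)?(?:url\()?\s*["\']([^"\']+)["\']',
    re.IGNORECASE,
)


def extract_imports(less_source: str) -> list[str]:
    """Return every @import target found in the LESS source, in order."""
    return IMPORT_RE.findall(less_source)


def is_allowed_import(target: str, allowed_root: str = ASSETS_ROOT) -> bool:
    """True only if the target stays inside allowed_root after normalisation."""
    parts = urlsplit(target)
    # A scheme ("http:", "file:", "data:", or a Windows drive letter "C:")
    # or a network location ("//host/...") means a remote or out-of-tree
    # read rather than a file under the assets root.
    if parts.scheme or parts.netloc:
        return False
    # Absolute paths are exactly the vector described in the advisory.
    if target.startswith("/"):
        return False
    if "\x00" in target:
        return False
    root = posixpath.normpath(allowed_root)
    # Lexical normalisation collapses "." and ".." segments; a real
    # deployment would also resolve symlinks against the root.
    resolved = posixpath.normpath(posixpath.join(root, target.replace("\\", "/")))
    return resolved == root or resolved.startswith(root + "/")


def rejected_imports(less_source: str, allowed_root: str = ASSETS_ROOT) -> list[str]:
    """Import targets that must be refused before the LESS is compiled."""
    return [t for t in extract_imports(less_source)
            if not is_allowed_import(t, allowed_root)]


# Constructed sample of what a compromised admin account might submit as
# custom LESS: one legitimate import followed by three hostile ones.
SAMPLE_CUSTOM_LESS = """
@import "themes/brand.less";
@import (inline) "/etc/passwd";
@import (inline) "../../../../config.php";
@import url("http://169.254.169.254/latest/meta-data/");
.header { color: @brand; }
"""

if __name__ == "__main__":
    for target in rejected_imports(SAMPLE_CUSTOM_LESS):
        print("rejected import:", target)
```

Running the check over the constructed sample rejects the absolute `/etc/passwd` import, the `..` traversal and the HTTP import, and keeps `themes/brand.less`; the compile step should only run when the rejected list is empty.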

Exploit

Fix

Path traversal

SSRF

Weakness Enumeration

Related Identifiers

CVE-2023-27577
GHSA-VHM8-WWRF-3GCW
GHSA-XJVC-PW2R-6878

Affected Products

Flarum