CVE-2023-50982

CVSS v3.1

9.0

Critical

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Stud.IP versions 5.x through 5.3.3

Description The issue allows XSS with resultant upload of executable files because upload action and edit action in Admin SmileysController do not check the file extension. This leads to remote code execution with the privileges of the www-data user.

Recommendations For versions 5.0.x, update to version 5.0.9. For versions 5.1.x, update to version 5.1.7. For versions 5.2.x, update to version 5.2.6. For versions 5.3.x, update to version 5.3.4. As a temporary workaround, consider disabling the upload action and edit action functions in Admin SmileysController until a patch is available. Restrict access to the Admin SmileysController to minimize the risk of exploitation.

Exploit

Fix

XSS

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-434

Related Identifiers

CVE-2023-50982

Affected Products

Stud.Ip

CVE-2023-50982

Weakness Enumeration

Related Identifiers

Affected Products

References · 9