CVE-2023-30613

CVSS V2 None CVSS V3 None

Description

Kiwi TCMS, an open source test management system, allows users to upload attachments to test plans, test cases, etc. In versions of Kiwi TCMS prior to 12.2, there is no control over what kinds of files can be uploaded. Thus, a malicious actor may upload an `.exe` file or a file containing embedded JavaScript and trick others into clicking on these files, causing vulnerable browsers to execute malicious code on another computer. Kiwi TCMS v12.2 comes with functionality that allows administrators to configure additional upload validator functions which give them more control over what file types are accepted for upload. By default `.exe` are denied. Other files containing the `<script>` tag, regardless of their type are also denied b/c they are a path to XSS attacks. There are no known workarounds aside from upgrading.

Overview

CVE ID
CVE-2023-30613

Assigner
security-advisories@github.com

Vulnerability Status
Awaiting Analysis

Published Version
2023-04-24T17:15:10

Last Modified Date
2023-04-24T17:43:16

Weakness Enumerations

CWE	URL
CWE-434	http://cwe.mitre.org/data/definitions/434.html

References

Reference URL	Reference Tags
https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-fwcf-753v-fgcj
https://huntr.dev/bounties/c30d3503-600d-4d00-9571-98826a51f12c
https://kiwitcms.org/blog/kiwi-tcms-team/2023/04/23/kiwi-tcms-122/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-30613
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30613

History

Created	Old Value	New Value	Data Type	Notes
2023-04-24 18:02:48				Added to TrackCVE
2023-04-24 18:02:50			Weakness Enumeration	new