Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS02MzI0LTUycHItaDRwNc4AA3uc
Using the directory back payload (“/../”) in a package name allows placement of package in other folders.
Impact
Backoffice users with permissions to create packages can use path traversal and thereby write outside of the expected location.
Explanation of the vulnerability
The “Package” section in Umbraco Backoffice allows a logged in user to write folders outside of the default package directory.
Permalink: https://github.com/advisories/GHSA-6324-52pr-h4p5JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS02MzI0LTUycHItaDRwNc4AA3uc
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Low
Classification: General
Published: 5 months ago
Updated: 4 months ago
Identifiers: GHSA-6324-52pr-h4p5, CVE-2023-49089
References:
- https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-6324-52pr-h4p5
- https://nvd.nist.gov/vuln/detail/CVE-2023-49089
- https://github.com/advisories/GHSA-6324-52pr-h4p5
Blast Radius: 1.0
Affected Packages
nuget:Umbraco.CMS
Dependent packages: 0Dependent repositories: 0
Downloads: 1,856,006 total
Affected Version Ranges: >= 11.0.0, < 12.3.4, >= 9.0.0, < 10.8.1, >= 8.0.0, < 8.18.10
Fixed in: 12.3.4, 10.8.1, 8.18.10
All affected versions: 9.0.0, 9.0.1, 9.1.0, 9.1.1, 9.1.2, 9.2.0, 9.3.0, 9.3.1, 9.4.0, 9.4.1, 9.4.2, 9.4.3, 9.5.0, 9.5.1, 9.5.2, 9.5.3, 9.5.4, 10.0.0, 10.0.1, 10.1.0, 10.1.1, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.4.0, 10.4.1, 10.4.2, 10.5.0, 10.5.1, 10.6.0, 10.6.1, 10.7.0, 10.8.0, 11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.2.2, 11.3.0, 11.3.1, 11.4.0, 11.4.1, 11.4.2, 11.5.0, 12.0.0, 12.0.1, 12.1.0, 12.1.1, 12.1.2, 12.2.0, 12.3.0, 12.3.1, 12.3.2, 12.3.3
All unaffected versions: 10.8.1, 10.8.2, 10.8.3, 10.8.4, 10.8.5, 12.3.4, 12.3.5, 12.3.6, 12.3.7, 12.3.8, 12.3.9, 13.0.0, 13.0.1, 13.0.2, 13.0.3, 13.1.0, 13.1.1, 13.2.0, 13.2.1, 13.2.2, 13.3.0