Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS05ZmN4LWN2NTYtdzU4cM4AA69X
Mautic vulnerable to Relative Path Traversal / Arbitrary File Deletion due to GrapesJS builder
Impact
Prior to the patched version, logged in users of Mautic are vulnerable to Relative Path Traversal/Arbitrary File Deletion. Regardless of the level of access the Mautic user had, they could delete files other than those in the media folders such as system files, libraries or other important files.
This vulnerability exists in the implementation of the GrapesJS builder in Mautic.
Patches
Update to 4.4.12 or 5.0.4.
Workarounds
No
References
- https://cwe.mitre.org/data/definitions/23.html
- https://cwe.mitre.org/data/definitions/22.html
- https://attack.mitre.org/techniques/T1630/002/
For more information
If you have any questions or comments about this advisory:
Email us at [email protected]
Permalink: https://github.com/advisories/GHSA-9fcx-cv56-w58pJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS05ZmN4LWN2NTYtdzU4cM4AA69X
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: 21 days ago
Updated: 21 days ago
CVSS Score: 8.1
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Identifiers: GHSA-9fcx-cv56-w58p, CVE-2021-27916
References:
- https://github.com/mautic/mautic/security/advisories/GHSA-9fcx-cv56-w58p
- https://github.com/mautic/mautic/commit/546045ff9c74dd8b3dac36c4ab3674380262c65a
- https://github.com/mautic/mautic/commit/95e8df3ae6730c725f1848d70e7992da369518f3
- https://github.com/advisories/GHSA-9fcx-cv56-w58p
Blast Radius: 3.9
Affected Packages
packagist:mautic/core
Dependent packages: 2Dependent repositories: 3
Downloads: 1,952 total
Affected Version Ranges: >= 5.0.0-alpha, < 5.0.4, >= 3.3.0, < 4.4.12
Fixed in: 5.0.4, 4.4.12
All affected versions: 3.3.0, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.3.5, 4.0.0, 4.0.1, 4.0.2, 4.1.0, 4.1.1, 4.1.2, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.3.1, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.4.4, 4.4.5, 4.4.6, 4.4.7, 4.4.8, 4.4.9, 4.4.10, 4.4.11, 5.0.0, 5.0.0-alpha, 5.0.0-alpha1, 5.0.0-beta1, 5.0.0-beta2, 5.0.0-rc1, 5.0.0-rc2, 5.0.1, 5.0.2, 5.0.3
All unaffected versions: 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.2.0, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.3.0, 1.3.1, 1.4.0, 1.4.1, 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, 2.3.0, 2.4.0, 2.5.0, 2.5.1, 2.6.0, 2.6.1, 2.7.0, 2.7.1, 2.8.0, 2.8.1, 2.8.2, 2.9.0, 2.9.1, 2.9.2, 2.10.0, 2.10.1, 2.11.0, 2.12.0, 2.12.1, 2.12.2, 2.13.0, 2.13.1, 2.14.0, 2.14.1, 2.14.2, 2.15.0, 2.15.1, 2.15.2, 2.15.3, 2.16.0, 2.16.1, 2.16.2, 2.16.3, 2.16.4, 2.16.5, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 3.1.1, 3.1.2, 3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 4.4.12, 5.0.4