CVE-2023-6127: File Upload caused XSS (Import account) in suitecrm

Unrestricted Upload of File with Dangerous Type in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.


Hi @nam-no

The Security Team has now assessed the following issue:

SCRMBT-#248 – Huntr.dev: File Upload caused XSS (Import account) in salesagility/suitecrm

This issue has been given an internal severity grading of 'Important'. Due to the severity of this issue we are working to release a fix for it soon.

We would like to suggest a change in the CVSS rating to CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N (Medium 5.4), the following are the reasons for the change:

Attack Vector

  • Network
  • A victim must access a vulnerable system via the network.

Attack Complexity

  • Low

Privileges Required

  • Low
  • By default, users have access to the import; to revoke access to the import, security groups and other configurations need to be changed.

User Interaction

  • Required
  • This attack takes effect during the import process, which needs to be done by the user himself, not by an attacker in other moments. And users also have control over the imported file, which they manually upload.

Scope

  • Changed
  • The vulnerability is exploited on the web server, but the impact is to the user’s browser.

Confidentiality Impact

  • Low
  • Information which should only be disclosed to the vulnerable site, such as cookies, could be provided by the victim’s browser to the attacker.
  • See example: https://www.first.org/cvss/v3.0/examples#DokuWiki-Reflected-Cross-site-Scripting-Attack-CVE-2014-9253

Integrity Impact

  • Low
  • Information maintained in the victim’s web browser can be modified, but only information associated with the web site running the app.
  • See example: https://www.first.org/cvss/v3.0/examples#DokuWiki-Reflected-Cross-site-Scripting-Attack-CVE-2014-9253

Availability Impact

  • None

Regarding the question of whether the import in Quotes is a duplicate: yes, it is a duplicate. This report covers any module, as we used the same functionality for imports on both modules.

Once the fix is released, we aim to include your name in the release notes, giving credit for finding and reporting this issue. Please let us know if you would prefer not to be included or have a specific request on how you would like to be referenced within the release notes.

Once the issue is resolved on huntr.dev a CVE will be emitted. We will then update the release notes with this CVE.

Thank you for your assistance and contribution to the SuiteCRM product!

Kind regards, SuiteCRM Security Team
