Vulnerability Note VU#901156

PivotX 2.3.8 contains multiple vulnerabilities

Original Release date: 11 Apr 2014 | Last revised: 11 Apr 2014

Overview

PivotX 2.3.8, and possibly earlier versions, contains cross-site scripting (CWE-79) and unsafe file upload (CWE-434) vulnerabilities.

Description

PivotX 2.3.8, and possibly earlier versions, contains cross-site scripting (CWE-79) and unsafe file upload (CWE-434) vulnerabilities.

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') - CVE-2014-0341
PivotX overview screens were susceptible to cross-site scripting attacks. The following code commits provide the details.
http://sourceforge.net/p/pivot-weblog/code/4349/
http://sourceforge.net/p/pivot-weblog/code/4345/

CWE-434: Unrestricted Upload of File with Dangerous Type - CVE-2014-0342
The file upload check did not include the file extension. The following code commit provides the details.
http://sourceforge.net/p/pivot-weblog/code/4347/

The CVSS score below is for CVE-2014-0342.

Impact

A remote authenticated attacker may be able to inject arbitrary script into a web page or upload a malicious file.

Solution

Apply an Update

PivotX 2.3.9 has been released to address these vulnerabilities.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
PivotXAffected-11 Apr 2014
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base 8.5 AV:N/AC:L/Au:S/C:C/I:C/A:--
Temporal 8.5 E:ND/RL:ND/RC:ND
Environmental 6.4 CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

Credit

Thanks to Diego García for reporting these vulnerabilities.

This document was written by Jared Allar.

Other Information

  • CVE IDs: CVE-2014-0341 CVE-2014-0342
  • Date Public: 05 Mar 2014
  • Date First Published: 11 Apr 2014
  • Date Last Updated: 11 Apr 2014
  • Document Revision: 4

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.