Vulnerability Note VU#901156

PivotX 2.3.8 contains multiple vulnerabilities

Original Release date: 11 Apr 2014 | Last revised: 24 Jul 2014

Overview

PivotX 2.3.8, and possibly earlier versions, contains cross-site scripting (CWE-79) and unsafe file upload (CWE-434) vulnerabilities.

Description

PivotX 2.3.8, and possibly earlier versions, contains cross-site scripting (CWE-79) and unsafe file upload (CWE-434) vulnerabilities.

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') - CVE-2014-0341
PivotX overview screens were susceptible to cross-site scripting attacks. The following code commits provide the details.
http://sourceforge.net/p/pivot-weblog/code/4349/
http://sourceforge.net/p/pivot-weblog/code/4345/

CWE-434: Unrestricted Upload of File with Dangerous Type - CVE-2014-0342
The file upload check did not include the file extension. The following code commit provides the details.
http://sourceforge.net/p/pivot-weblog/code/4347/

The CVSS score below is for CVE-2014-0342.

Impact

A remote authenticated attacker may be able to inject arbitrary script into a web page or upload a malicious file.

Solution

Apply an Update

PivotX 2.3.9 has been released to address these vulnerabilities.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
PivotXAffected-11 Apr 2014
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P
Temporal 5.1 E:POC/RL:OF/RC:C
Environmental 1.3 CDP:ND/TD:L/CR:ND/IR:ND/AR:ND

References

Credit

Thanks to Diego García for reporting these vulnerabilities.

This document was written by Jared Allar.

Other Information

  • CVE IDs: CVE-2014-0341 CVE-2014-0342
  • Date Public: 05 Mar 2014
  • Date First Published: 11 Apr 2014
  • Date Last Updated: 24 Jul 2014
  • Document Revision: 7

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.