Arbitrary file write leading to RCE in Camaleon CMS

Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS is running on (depending on the permissions of the underlying filesystem). E.g. This can lead to a delayed remote code execution in case an attacker is able to write a Ruby file into the config/initializers/ subfolder of the Ruby on Rails application. This issue has been addressed in release version 2.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

输出中的特殊元素转义处理不恰当(注入)

CamaleonCMS 注入漏洞

CamaleonCMS是CamaleonCMS团队的一套基于RubyonRails的高级动态内容管理系统（CMS）。 CamaleonCMS 2.8.0版本存在注入漏洞，该漏洞源于存在任意文件写入漏洞，允许经过身份验证的用户将任意文件写入服务器上的任何位置。

N/A

N/A