Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Craft Allows Attackers to Read Arbitrary System Files
Vulnerability Description
Craft is a content management system (CMS). The dataUrl function can be exploited if an attacker has write permissions on system notification templates. This function accepts an absolute file path, reads the file's content, and converts it into a Base64-encoded string. By embedding this function within a system notification template, the attacker can exfiltrate the Base64-encoded file content through a triggered system email notification. Once the email is received, the Base64 payload can be decoded, allowing the attacker to read arbitrary files on the server. This is fixed in 5.4.9 and 4.12.8.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
对外部实体的文件或目录可访问
Vulnerability Title
Craft CMS安全漏洞
Vulnerability Description
Craft CMS是Craft CMS开源的一套内容管理系统(CMS)。 Craft CMS存在安全漏洞,该漏洞源于可以解码Base64有效载荷,从而使攻击者能够读取服务器上的任意文件。
CVSS Information
N/A
Vulnerability Type
N/A