SB2023050309 - Multiple vulnerabilities in Kiwi
Published: May 3, 2023
Security Bulletin ID
SB2023050309
Severity
Medium
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Arbitrary file upload (CVE-ID: CVE-2023-30613)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file during file upload. A remote user can upload a malicious file and execute it on the server.
2) Unverified Ownership (CVE-ID: CVE-2023-30544)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the unverified ownership issue. A remote attacker can update password without verification.
Remediation
Install update from vendor's website.
References
- https://huntr.dev/bounties/c30d3503-600d-4d00-9571-98826a51f12c
- https://kiwitcms.org/blog/kiwi-tcms-team/2023/04/23/kiwi-tcms-122/
- https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-fwcf-753v-fgcj
- https://huntr.dev/bounties/1714df73-e639-4d64-ab25-ced82dad9f85/
- https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-7x6q-3v3m-cwjg