CVE-2018-20465

Published: Dec 25, 2018Modified: Nov 21, 2024

7.2

Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

Craft CMS through 3.0.34 allows remote authenticated administrators to read sensitive information via server-side template injection, as demonstrated by a {% string for craft.app.config.DB.user and craft.app.config.DB.password in the URI Format of the Site Settings, which causes a cleartext username and password to be displayed in a URI field.

Affected (1)

Products: Craftcms: Craft Cms

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Craftcms Craft Cms	Up to 3.0.34

Related CWEs

Missing Encryption of Sensitive Data

The product does not encrypt sensitive or critical information before storage or transmission.

References (4)

https://github.com/craftcms/cms/blob/master/CHANGELOG-v3.md

Source: cve@mitre.org

Release Notes

https://github.com/phuctam/Server-Side-Template-Injection-in-CraftCMS-/issues/1

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/craftcms/cms/blob/master/CHANGELOG-v3.md

Source: af854a3a-2127-422b-91ae-364da2661108

Release Notes

https://github.com/phuctam/Server-Side-Template-Injection-in-CraftCMS-/issues/1

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.