Published
2023-09-06 12:00
KCFinder provides a file-management dialog for CKEditor 4. It included two vulnerabilities:
- It allowed a "reflected" cross-site scripting (XSS) attack.
- It bypassed a CiviCRM policy option that limits file uploads. (This bypass was still subject to other restrictions. The likely impact is a "stored" XSS attack, although other impacts are possible.)
Security Risk
Moderately Critical
Vulnerability
Access Bypass
Cross Site Scripting
Affected Versions
CiviCRM version 5.64.3 and earlier
Fixed Versions
CiviCRM version 5.64.4, 5.65.0 and 5.63.4 (ESR)
Publication Date
2023-09-06
Solutions
Upgrade to the fixed version of CiviCRM
Credits
Dennis Brinkrolf of RIPS Technologies / Cure53 / Mozilla Open Source Support (MOSS).
Seamus Lee of JMA Consulting/CiviCRM.
Tim Otten of CiviCRM.