nvd-json-data-feeds/CVE-2024/CVE-2024-281xx/CVE-2024-28147.json

{
  "id": "CVE-2024-28147",
  "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf",
  "published": "2024-06-20T11:15:55.913",
  "lastModified": "2024-11-21T09:05:53.770",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An authenticated user can upload arbitrary files in the upload \nfunction for collection preview images. An attacker may upload an HTML \nfile that includes malicious JavaScript code which will be executed if a\n user visits the direct URL of the collection preview image (Stored \nCross Site Scripting). It is also possible to upload SVG files that \ninclude nested XML entities. Those are parsed when a user visits the \ndirect URL of the collection preview image, which may be utilized for a \nDenial of Service attack.\n\nThis issue affects edu-sharing: <8.0.8-RC2, <8.1.4-RC0, <9.0.0-RC19."
    },
    {
      "lang": "es",
      "value": "Un usuario autenticado puede cargar archivos arbitrarios en la funci\u00f3n de carga para im\u00e1genes de vista previa de la colecci\u00f3n. Un atacante puede cargar un archivo HTML que incluya c\u00f3digo JavaScript malicioso que se ejecutar\u00e1 si un usuario visita la URL directa de la imagen de vista previa de la colecci\u00f3n (Stored Cross Site Scripting). Tambi\u00e9n es posible cargar archivos SVG que incluyan entidades XML anidadas. Estos se analizan cuando un usuario visita la URL directa de la imagen de vista previa de la colecci\u00f3n, que puede utilizarse para un ataque de denegaci\u00f3n de servicio. Este problema afecta a edu-sharing: &lt;8.0.8-RC2, &lt;8.1.4-RC0, &lt;9.0.0-RC19."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "CHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0
      }
    ]
  },
  "weaknesses": [
    {
      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://seclists.org/fulldisclosure/2024/Jun/11",
      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"
    },
    {
      "url": "https://r.sec-consult.com/metaventis",
      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"
    },
    {
      "url": "http://seclists.org/fulldisclosure/2024/Jun/11",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://packetstormsecurity.com/files/179199",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://r.sec-consult.com/metaventis",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
}