Closed Amal264882 closed 3 months ago
@Amal264882, your provided link is old. The new Camaleon CMS website is https://camaleon.website/. Have you tried the new site?
I tried this on new demo page. But once i added files, the https://demo-11320.camaleon.website/admin/media page is getting cracked.
@Amal264882, can you, please, try it once again?!
The site has just been upgraded with the recent camaleon_cms gem, so let's see if the page works or why is it failing, otherwise.
Hi, The site is working fine now. And the issues (XSS Vulnerability is still open). Can i Share the Video POC link?
On Sat, Jul 27, 2024 at 4:10 PM Aurel Branzeanu @.***> wrote:
@Amal264882 https://github.com/Amal264882, can you, please, try it once again?!
The site has just been upgraded with the recent camaleon_cms gem, so let's see if the page works or why is it failing, otherwise.
— Reply to this email directly, view it on GitHub https://github.com/owen2345/camaleon-cms/issues/1073#issuecomment-2254109624, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGUEF6BZTNW2BPOMROJNPJ3ZON2IBAVCNFSM6AAAAABKQTZZ3SVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDENJUGEYDSNRSGQ . You are receiving this because you were mentioned.Message ID: @.***>
Thanks for reproduction, @Amal264882!
File content validation should be implemented. We'll work on this!
Please let me know one you fix this issue. And kindly request for a CVE for this issue in my name. Thanks.
Please let me know one you fix this issue. And kindly request for a CVE for this issue in my name. Thanks.
@Amal264882, can you, please, share by email the svg file you're using?! I have tried 3 different files both locally and in production and can't reproduce the issue.
The issue has been fixed in the new release - https://github.com/owen2345/camaleon-cms/releases/tag/2.8.1
Hi,
I am writing to follow up on the vulnerability I reported through GitHub, which has been addressed and fixed in your application. I would like to request that a CVE (Common Vulnerabilities and Exposures) be created for this vulnerability to ensure proper documentation and recognition.
Please let me know if you need any additional information from my side to facilitate this process.
On Thu, Aug 22, 2024 at 12:06 AM Aurel Branzeanu @.***> wrote:
Closed #1073 https://github.com/owen2345/camaleon-cms/issues/1073 as completed.
— Reply to this email directly, view it on GitHub https://github.com/owen2345/camaleon-cms/issues/1073#event-13964849907, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGUEF6FX67BGBG254ASM273ZSTMZLAVCNFSM6AAAAABKQTZZ3SVHI2DSMVQWIX3LMV45UABCJFZXG5LFIV3GK3TUJZXXI2LGNFRWC5DJN5XDWMJTHE3DIOBUHE4TANY . You are receiving this because you were mentioned.Message ID: @.***>
While testing CMS {http://camaleon.tuzitio.com/pluginsdemo_manage/ - As this help us to test the dashboard online without installing it locally}, we are able to find that in file upload function in the post editing page there is no restriction in malicious files to upload. Due to this we were able to upload a malicious file confines Java Script and that leads to XSS (Cross Site Scripting). Cross site scripting refers to client-side code injection attack wherein an attacker can execute malicious scripts (also commonly referred to as a malicious payload) into a legitimate website or web application. XSS is among the most rampant of web application vulnerabilities and occurs when a web application makes use of unvalidated or unencoded user input within the output it generates.