CVE - CVE-2023-36809

CVE-ID
CVE-2023-36809	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Kiwi TCMS, an open source test management system allows users to upload attachments to test plans, test cases, etc. Versions of Kiwi TCMS prior to 12.5 had introduced changes which were meant to serve all uploaded files as plain text in order to prevent browsers from executing potentially dangerous files when such files are accessed directly. The previous Nginx configuration was incorrect allowing certain browsers like Firefox to ignore the `Content-Type: text/plain` header on some occasions thus allowing potentially dangerous scripts to be executed. Additionally, file upload validators and parts of the HTML rendering code had been found to require additional sanitation and improvements. Version 12.5 fixes this vulnerability with updated Nginx content type configuration, improved file upload validation code to prevent more potentially dangerous uploads, and Sanitization of test plan names used in the `tree_view_html()` function.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-jpgw-2r9m-8qfw URL:https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-jpgw-2r9m-8qfw MISC:https://huntr.dev/bounties/511489dd-ba38-4806-9029-b28ab2830aa8/ URL:https://huntr.dev/bounties/511489dd-ba38-4806-9029-b28ab2830aa8/ MISC:https://huntr.dev/bounties/c6eeb346-fa99-4d41-bc40-b68f8d689223/ URL:https://huntr.dev/bounties/c6eeb346-fa99-4d41-bc40-b68f8d689223/ MISC:https://kiwitcms.org/blog/kiwi-tcms-team/2023/07/04/kiwi-tcms-125/ URL:https://kiwitcms.org/blog/kiwi-tcms-team/2023/07/04/kiwi-tcms-125/ MISC:https://www.github.com/kiwitcms/kiwi/commit/195ea53eaaf360c19227c864cc0fe58910032c3c URL:https://www.github.com/kiwitcms/kiwi/commit/195ea53eaaf360c19227c864cc0fe58910032c3c MISC:https://www.github.com/kiwitcms/kiwi/commit/ffb00450be52fe11a82a2507632c2328cae4ec9d URL:https://www.github.com/kiwitcms/kiwi/commit/ffb00450be52fe11a82a2507632c2328cae4ec9d
Assigning CNA
GitHub (maintainer security advisories)
Date Record Created
20230627	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20230627)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)