FreeBSD : py-wagtail -- stored XSS vulnerability (17efbe19-4e72-426a-8016-2b4e001c1378)

medium Nessus Plugin ID 180366

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 17efbe19-4e72-426a-8016-2b4e001c1378 advisory.

- Wagtail is an open source content management system built on Django. Starting in version 1.5 and prior to versions 4.1.4 and 4.2.2, a stored cross-site scripting (XSS) vulnerability exists on ModelAdmin views within the Wagtail admin interface. A user with a limited-permission editor account for the Wagtail admin could potentially craft pages and documents that, when viewed by a user with higher privileges, could perform actions with that user's credentials. The vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin, and only affects sites with ModelAdmin enabled. For page, the vulnerability is in the Choose a parent page ModelAdmin view (`ChooseParentView`), available when managing pages via ModelAdmin. For documents, the vulnerability is in the ModelAdmin Inspect view (`InspectView`) when displaying document fields. Patched versions have been released as Wagtail 4.1.4 and Wagtail 4.2.2. Site owners who are unable to upgrade to the new versions can disable or override the corresponding functionality. (CVE-2023-28836)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://osv.dev/vulnerability/GHSA-5286-f2rf-35c2

http://www.nessus.org/u?8699a49e

Plugin Details

Severity: Medium

ID: 180366

File Name: freebsd_pkg_17efbe194e72426a80162b4e001c1378.nasl

Version: 1.0

Type: local

Published: 8/31/2023

Updated: 8/31/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N

CVSS Score Source: CVE-2023-28836

CVSS v3

Risk Factor: Medium

Base Score: 5.4

Temporal Score: 4.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:py37-wagtail, p-cpe:/a:freebsd:freebsd:py310-wagtail, p-cpe:/a:freebsd:freebsd:py39-wagtail, cpe:/o:freebsd:freebsd, p-cpe:/a:freebsd:freebsd:py38-wagtail, p-cpe:/a:freebsd:freebsd:py311-wagtail

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 8/31/2023

Vulnerability Publication Date: 4/3/2023

Reference Information

CVE: CVE-2023-28836