CVE-2023-40183

MEDIUM Year: 2023
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-434
View all →

Vulnerability Description

DataEase is an open source data visualization and analysis tool. Prior to version 1.18.11, DataEase has a vulnerability that allows an attacker to to obtain user cookies. The program only uses the `ImageIO.read()` method to determine whether the file is an image file or not. There is no whitelisting restriction on file suffixes. This allows the attacker to synthesize the attack code into an image for uploading and change the file extension to html. The attacker may steal user cookies by accessing links. The vulnerability has been fixed in v1.18.11. There are no known workarounds.

Related Vulnerabilities

CVE-2018-16821

MEDIUM
CVSS:5.3(Medium)

SeaCMS 6.64 allows arbitrary directory listing via upload/admin/admin_template.php?path=../templets/../../ requests.

CWE-4342018

CVE-2018-19789

MEDIUM
CVSS:5.3(Medium)

An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string...

CWE-4342018

CVE-2021-29022

MEDIUM
CVSS:5.3(Medium)

In InvoicePlane 1.5.11, the upload feature discloses the full path of the file upload directory.

CWE-4342021

CVE-2023-38330

MEDIUM
CVSS:5.3(Medium)

OXID eShop Enterprise Edition 6.5.0 – 6.5.2 before 6.5.3 allows uploading files with modified headers in the administration area. An attacker can upload a file with a modified header to create a HTTP ...

CWE-4342023

CVE-2023-44962

MEDIUM
CVSS:5.3(Medium)

File Upload vulnerability in Koha Library Software 23.05.04 and before allows a remote attacker to read arbitrary files via the upload-cover-image.pl component.

CWE-4342023