OSV:GHSA-7X6Q-3V3M-CWJG (Google OSV)
History: Apr 24, 2023 - 4:46 p.m.

kiwi TCMS has possibility for user to update email address to unverified one

2023-04-24 16:46:14
Source: Google osv.dev
Tags: kiwi tcms, email address, ownership verification, security patch, vulnerability, user account

CVSS3: 4.3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS: 0.001
Percentile: 42.2%

Impact

In previous versions of Kiwi TCMS users were able to update their email addresses via the “My profile” admin page. This page allowed them to change the email address registered with their account without the ownership verification performed during account registration.

Patches

With Kiwi TCMS v12.2 or later it is not possible to edit the email field associated with a user account!
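The following is an added illustration, not Kiwi TCMS code: it models the unverified profile update described under Impact, the v12.2 behaviour of refusing email edits, and, as an assumed alternative design, a token-based flow that only applies a change once the new address proves it can receive mail. Field names, the User class and the token scheme are assumptions.

```python
import hashlib
import hmac
import secrets
import time

SECRET = secrets.token_bytes(32)  # constructed per-process key for the demo

class User:  # assumed minimal stand-in for the account record
    def __init__(self, uid, email):
        self.id, self.email = uid, email

def update_profile_vulnerable(user, form):
    """Pre-12.2 behaviour as described: a submitted email is stored with no ownership check."""
    if "email" in form:
        user.email = form["email"]
    return user

EDITABLE = {"first_name", "last_name"}  # assumed set of editable profile fields

def update_profile_patched(user, form):
    """v12.2 behaviour: the email field is not editable; other fields pass through."""
    for key, value in form.items():
        if key in EDITABLE:
            setattr(user, key, value)
    return user

def _token(user, new_email, expires):
    # Bind the token to the account, the requested address and its expiry.
    msg = f"{user.id}:{new_email}:{expires}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def request_email_change(user, new_email, ttl=3600, now=None):
    """Issue a token to be sent to new_email; the account is not changed yet."""
    now = time.time() if now is None else now
    expires = int(now) + ttl
    return expires, _token(user, new_email, expires)

def confirm_email_change(user, new_email, expires, token, now=None):
    """Apply the change only if the presented token proves control of new_email."""
    now = time.time() if now is None else now
    if int(now) > expires:
        return False
    if not hmac.compare_digest(token, _token(user, new_email, expires)):
        return False
    user.email = new_email
    return True
```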

Workarounds

No workaround exists.

References

Disclosed by @novemberdad.
