CVE-2022-34482 An attacker could trick a user to drag and drop an image to a filesystem to get an executable filename, which could contain malicious code.
It is possible to force a directory to be saved as a file via drag and drop, so an attacker could drop a directory onto a file and force it to be saved as a directory. This can be done with any type of file and not just executables, so it is not possible to prevent all cases of this attack. However, the source of the attack is user interaction, so it is possible to make it less likely to occur by encouraging users to only drag and drop files. The force_file_directory_text_area XSS filter disables this attack vector by filtering out the text area where a directory could be dropped.
How to fix the issue of directories being saved as file
One way to fix the issue of directories being saved as files is to use a filter that prevents users from dropping directories into text areas. The force_file_directory_text_area XSS filter does this by disabling this attack vector.
Another way to help prevent the attack is to encourage users not to drop directory files into text areas, but instead drag and drop them onto files and save them as directories.
CVE-2023-34483
An attacker can drop a directory onto a file to force it to be saved as a directory.
File System Vulnerabilities
File system vulnerabilities are a way for an attacker to gain access to a computer or server. The most common vulnerability is a directory traversal attack, which allows an attacker to read/write/delete files outside of the intended directory. This is generally done via commands like reading and writing files in the current working directory, reading and writing files across drives, or opening up files with default permissions.
Vulnerable URLs https://www.linkedin.com/feeds/posts/create?alt=json-in-script&callback=init
https://www.googleapis.com/auth/fitness.activity.read
There are a number of URLs that can be targeted by this exploit, so it's important to ensure your site is not vulnerable to these sorts of attacks.
Timeline
Published on: 12/22/2022 20:15:00 UTC
Last modified on: 12/30/2022 18:18:00 UTC