kiwitcms@12.2 vulnerabilities

Test Case Management System

Direct Vulnerabilities

Known vulnerabilities in the kiwitcms package. This does not include vulnerabilities belonging to this package’s dependencies.

Command Injection, severity: Medium

kiwitcms is a Test Case Management System

Affected versions of this package are vulnerable to Command Injection: under certain conditions the Content-Type: text/plain header is ignored and inputs are insufficiently sanitized, allowing scripts to be executed.

How to fix Command Injection?

A fix was pushed into the master branch but not yet published.

Vulnerable versions: [0,) (all published versions)
Cross-site Scripting (XSS), severity: High

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization: certain browsers, such as Firefox, can on some occasions ignore the Content-Type: text/plain header, allowing potentially dangerous scripts to be executed.

How to fix Cross-site Scripting (XSS)?

A fix was pushed into the master branch but not yet published.

Vulnerable versions: [0,) (all published versions)
Cross-site Scripting (XSS), severity: High

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper file content validation, which might result in stored XSS. Exploiting this vulnerability is possible by uploading a maliciously crafted file.

How to fix Cross-site Scripting (XSS)?

Upgrade kiwitcms to version 12.4 or higher.

Vulnerable versions: [,12.4) (all versions below 12.4)
Cross-site Scripting (XSS), severity: High

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via unrestricted file upload. Earlier versions of Kiwi TCMS had introduced upload validators to prevent potentially dangerous files from being uploaded (see GHSA-fwcf-753v-fgcj) and a Content-Security-Policy definition to prevent cross-site scripting attacks (see GHSA-2wcr-87wf-cf9j).

The upload validation checks are not robust enough, which leaves an attacker the possibility of circumventing them and uploading a potentially dangerous file. Exploiting this flaw, a combination of files could be uploaded that work together to circumvent the existing Content-Security-Policy and allow execution of arbitrary JavaScript in the browser.

How to fix Cross-site Scripting (XSS)?

Upgrade kiwitcms to version 12.3 or higher.

Vulnerable versions: [,12.3) (all versions below 12.3)