CVE-2023-32686 HIGH

CVE-2023-32686: kiwitcms vulnerable to stored XSS via unrestricted files upload

Vendor Kiwitcms
Product Kiwi
Weakness CWE-79 · XSS
Published May 27, 2023
Last update January 14, 2025

CVSS base score

8.1/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

What the vulnerability does

01Description

Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. Earlier versions of Kiwi TCMS had introduced upload validators in order to prevent potentially dangerous files from being uploaded. The upload validation checks were not robust enough which left the possibility of an attacker to circumvent them and upload a potentially dangerous file. Exploiting this flaw, a combination of files could be uploaded so that they work together to circumvent the existing Content-Security-Policy and allow execution of arbitrary JavaScript in the browser. This issue has been patched in version 12.3.

Key dates

02Disclosure timeline

May 27, 2023 CVE published
January 14, 2025 Record updated