
Security vulnerability disclosure

Open kazet opened this issue 1 year ago • 6 comments

Hello,

CERT PL found a security vulnerability in this repository. How can we report this privately? We don't see any security policy describing how such vulnerabilities should be reported.

kazet avatar Nov 21 '23 11:11 kazet

Please send to my personal email janvdberg at gmail

jan-vandenberg avatar Nov 21 '23 12:11 jan-vandenberg

Thank you! You should have received a report.

kazet avatar Nov 23 '23 16:11 kazet

Hello,

CERT PL has sent you a report on the 23rd of November and resent it on the 18th of December. Have you received any of them?

lukigruszka avatar Jan 24 '24 14:01 lukigruszka

Yes, but the mentioned finding applies to core/relations.php. This is code that is NOT meant to be deployed.

Cruddiy GENERATES code that IS meant to be deployed, and any findings there are of greater importance (not the generator code).

That being said, we will of course try and look into it, but that explains a little bit why there wasn't a direct response.

jan-vandenberg avatar Jan 24 '24 14:01 jan-vandenberg

We are aware that this code is not meant to be deployed. However, in a limited scope that vulnerability still poses a risk - when a user runs cruddiy locally and then enters a malicious website which performs such a crafted POST request to localhost, some arbitrary shell command will be executed on his/her machine.

lukigruszka avatar Jan 24 '24 15:01 lukigruszka
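The risk described in the comment above is a cross-site request to a tool listening on localhost: the browser of a user running the generator can be made to submit a POST to it from any page they visit. A server-side mitigation is to refuse POSTs that cannot be shown to come from the tool's own pages. The following is an added example, not Cruddiy's code or anything from the report; `isTrustedLocalPost` and its parameters are hypothetical names, and the request headers at the bottom are constructed samples.

```php
<?php
// Added example (not Cruddiy code): reject cross-site POST requests to a
// locally running web tool. Function and parameter names are hypothetical.

declare(strict_types=1);

/**
 * Return true only if the request is a POST that can be shown to be
 * same-origin and that carries the per-session CSRF token.
 *
 * $headers      request headers with lower-case names
 * $method       HTTP method of the request
 * $sessionToken token stored in the user's session (null if none)
 * $postedToken  token sent in the form body (null if absent)
 */
function isTrustedLocalPost(array $headers, string $method, ?string $sessionToken, ?string $postedToken): bool
{
    if (strtoupper($method) !== 'POST') {
        return false;
    }

    // 1. Modern browsers send Sec-Fetch-Site; anything other than
    //    same-origin (or none, for a typed URL) is a cross-site request.
    $fetchSite = strtolower($headers['sec-fetch-site'] ?? '');
    if ($fetchSite !== '' && !in_array($fetchSite, ['same-origin', 'none'], true)) {
        return false;
    }

    // 2. Origin (falling back to Referer) must name the host:port we serve on.
    //    Missing headers fail closed: we cannot prove same-origin without them.
    $host   = $headers['host'] ?? '';
    $origin = $headers['origin'] ?? ($headers['referer'] ?? '');
    if ($host === '' || $origin === '') {
        return false;
    }
    $originHost = parse_url($origin, PHP_URL_HOST);
    $originPort = parse_url($origin, PHP_URL_PORT);
    if ($originHost === null || $originHost === false) {
        return false;   // e.g. Origin: null, or an unparsable value
    }
    $expected = $originHost . ($originPort !== null ? ':' . $originPort : '');
    if (strtolower($host) !== strtolower($expected)) {
        return false;
    }

    // 3. A per-session CSRF token must be present and match, compared in
    //    constant time so the check does not leak the token byte by byte.
    if ($sessionToken === null || $postedToken === null) {
        return false;
    }
    return hash_equals($sessionToken, $postedToken);
}

// Constructed sample requests (not captured traffic).
$token = bin2hex(random_bytes(16));

$sameOrigin = [
    'host'           => 'localhost:8000',
    'origin'         => 'http://localhost:8000',
    'sec-fetch-site' => 'same-origin',
];
$crossSite = [
    'host'           => 'localhost:8000',
    'origin'         => 'http://attacker.example',
    'sec-fetch-site' => 'cross-site',
];
$noOrigin = [
    'host' => 'localhost:8000',
];

echo 'same-origin, valid token : ', var_export(isTrustedLocalPost($sameOrigin, 'POST', $token, $token), true), PHP_EOL;
echo 'cross-site, valid token  : ', var_export(isTrustedLocalPost($crossSite, 'POST', $token, $token), true), PHP_EOL;
echo 'same-origin, wrong token : ', var_export(isTrustedLocalPost($sameOrigin, 'POST', $token, 'wrong'), true), PHP_EOL;
echo 'no Origin/Referer header : ', var_export(isTrustedLocalPost($noOrigin, 'POST', $token, $token), true), PHP_EOL;
echo 'GET request              : ', var_export(isTrustedLocalPost($sameOrigin, 'GET', $token, $token), true), PHP_EOL;
```

The three checks are layered deliberately: `Sec-Fetch-Site` is cheap but only present in newer browsers, the Origin/Host comparison covers older ones, and the token is the check that does not depend on browser behaviour at all. Binding the listener to 127.0.0.1 and never to 0.0.0.0 is a separate, complementary step; it limits who can reach the tool but does not stop the user's own browser from being used as the relay described above.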

Hi, any updates on that? We would like to proceed with assigning a CVE for that vulnerability.

lukigruszka avatar Apr 16 '24 08:04 lukigruszka