Description
Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code (and sometimes terminal commands) on a server by making an avatar update and then visiting the avatar file under the /images/ path.
References (2)
Core References
Patch, Third Party Advisory (x_refsource_misc): https://github.com/sourcefabric/Newscoop/blob/3df835637609a5a42530b2a4611177c634ad6274/newscoop/library/Newscoop/Image/ImageService.php#L226
Exploit, Third Party Advisory (x_refsource_misc): https://gist.github.com/V-Rico/82e9e52ac451dc20eef87b0999b3b1ee
Scores
CVSS v3: 7.8
EPSS: 0.0007
EPSS Percentile: 21.3%
Attack Vector: LOCAL
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-434
Status: published
Products (1)
sourcefabric/newscoop 4.4.7
Published: May 19, 2020
Tracked Since: Feb 18, 2026