Miggo Logo
Miggo Vulnerability Database
CVE-2022-32060

CVE-2022-32060: Snipe-IT 6.0.2 vulnerable to Cross-site Scripting via arbitrary file upload in Update Branding Settings

4.8

CVSS Score
3.1

Basic Information

CVE ID
CVE-2022-32060
GHSA ID
GHSA-w82x-xjjr-cjr5
EPSS Score
0.89281%
CWE
CWE-79
Published
7/8/2022
Updated
2/3/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
snipe/snipe-itcomposer<= 6.0.2

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability occurs in the Branding Settings update functionality where favicon uploads are processed. The PoC demonstrates XSS execution via SVG file upload, indicating insufficient file type validation and content sanitization. In Laravel-based applications like Snipe-IT, this would typically be handled by a controller method responsible for processing branding settings updates. The combination of arbitrary file upload and subsequent XSS execution strongly points to the file upload handler in the branding settings controller as the vulnerable function.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n *r*itr*ry *il* uplo** vuln*r**ility in t** Up**t* *r*n*in* S*ttin*s *ompon*nt o* Snip*-IT v*.*.* *llows *tt**k*rs to *x**ut* *r*itr*ry *o** vi* * *r**t** *il*.

Reasoning

T** vuln*r**ility o**urs in t** *r*n*in* S*ttin*s up**t* *un*tion*lity w**r* **vi*on uplo**s *r* pro**ss**. T** Po* **monstr*t*s XSS *x**ution vi* SV* *il* uplo**, in*i**tin* insu**i*i*nt *il* typ* v*li**tion *n* *ont*nt s*nitiz*tion. In L*r*v*l-**s*