
CVE-2023-28459: pretalx vulnerable to path traversal in HTML export

CVSS Score
6.5 (CVSS v3.1)

Basic Information

EPSS Score
0.49385%
Published
4/20/2023
Updated
10/21/2024
KEV Status
No
Technology
Python

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Package Name
pretalx
Ecosystem
pip
Vulnerable Versions
< 2.3.2
First Patched Version
2.3.2

Vulnerability Intelligence

Root Cause Analysis

The commit diff shows that critical security checks were added to both functions:

  1. In dump_content: added path.resolve() and parent-directory validation to prevent traversal.
  2. In get_mediastatic_content: added path resolution and containment checks against MEDIA_ROOT and STATIC_ROOT.

These changes directly address CWE-22 (Path Traversal). The Sonar blog explicitly describes how these functions processed attacker-controlled paths without proper validation, yielding file read and write primitives. The vulnerability documentation and patch context leave no ambiguity about the two functions' role in the exploit chain.
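The containment pattern described above, as an added example that is not pretalx's own code: a shared helper resolves the requested path against a root and rejects anything that lands outside it, and two thin wrappers stand in for the write-side (dump_content) and read-side (get_mediastatic_content, bounded by MEDIA_ROOT/STATIC_ROOT) roles. The function names, the temporary directory layout and the attacker paths are assumptions constructed for the demonstration; the example also covers a symlink escape, which resolve() catches but a purely lexical `..` filter would not.

```python
"""Added example (not pretalx's own code): the CWE-22 containment check that
the root-cause analysis describes, applied to two hypothetical helpers that
stand in for an export writer and a MEDIA_ROOT/STATIC_ROOT reader.
All function names, the temp tree and the sample paths are assumptions."""
import os
import tempfile
from pathlib import Path


def contained_path(root: Path, requested: str) -> Path:
    """Join `requested` onto `root`, resolve '..' and symlinks, and reject the
    result unless it is still inside `root`. Raises ValueError on escape."""
    root = root.resolve()
    # A pathlib join with an absolute right-hand side discards `root` entirely,
    # so '/etc/passwd' would land outside; resolve() also collapses '..' and
    # follows symlinks, so a symlink inside root pointing outside is caught too.
    candidate = (root / requested).resolve()
    try:
        candidate.relative_to(root)
    except ValueError:
        raise ValueError(f"path escapes {root}: {requested!r}") from None
    return candidate


def export_write_path(export_root: Path, requested: str) -> Path:
    """Write-side check (the dump_content role in the advisory)."""
    return contained_path(export_root, requested)


def mediastatic_read_path(media_root: Path, static_root: Path, requested: str) -> Path:
    """Read-side check (the get_mediastatic_content role): the file must sit
    under MEDIA_ROOT or STATIC_ROOT, never anywhere else."""
    for root in (media_root, static_root):
        try:
            return contained_path(root, requested)
        except ValueError:
            continue
    raise ValueError(f"not under media or static root: {requested!r}")


def verdict(fn, *args) -> str:
    """Collapse allow/raise into a string so the outcomes can be compared."""
    try:
        fn(*args)
        return "allowed"
    except ValueError:
        return "rejected"


def run_demo() -> dict:
    """Exercise the checks against constructed attacker inputs in a temp tree."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        export_root = base / "export"
        media_root = base / "media"
        static_root = base / "static"
        for d in (export_root, media_root, static_root):
            d.mkdir()
        (static_root / "app.css").write_text("body{}")
        # Constructed escape hatch: a symlink inside the export root that
        # points at the temp base, i.e. outside export_root.
        os.symlink(base, export_root / "link")

        return {
            "plain":     verdict(export_write_path, export_root, "talks/index.html"),
            "dotdot":    verdict(export_write_path, export_root, "../../etc/passwd"),
            "absolute":  verdict(export_write_path, export_root, "/etc/passwd"),
            "dotdot_in": verdict(export_write_path, export_root, "a/../b.html"),
            "symlink":   verdict(export_write_path, export_root, "link/media/x"),
            "static":    verdict(mediastatic_read_path, media_root, static_root, "app.css"),
            "read_up":   verdict(mediastatic_read_path, media_root, static_root,
                                 "../export/talks/index.html"),
        }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(f"{name:10} {result}")
```

Only the "plain", "dotdot_in" and "static" cases are allowed; "../../etc/passwd", the absolute path, the symlink hop and the read that climbs out of MEDIA_ROOT are all rejected. The check deliberately compares resolved paths rather than scanning the string for `..`, because the symlink case contains no `..` at all.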


WAF Protection Rules

WAF Rule

pretalx before 2.3.2 allows path traversal in HTML export (a non-default feature). Users were able to upload crafted HTML documents that trigger the reading of arbitrary files.
