CVE-2024-45960: Zenario allows authenticated admin users to upload PDF files containing malicious code

CVSS Score (v3.1): 4.8

Basic Information

EPSS Score: 0.08362%
Published: 10/2/2024
Updated: 10/2/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Package Name: tribalsystems/zenario
Ecosystem: composer
Vulnerable Versions: <= 9.7.61188
First Patched Version: none listed

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability chain involves two key components: 1) The document upload function (zenario_document_upload) fails to properly sanitize PDF content, allowing JavaScript injection via PDF OpenAction (CWE-434). 2) The Document Container module's rendering logic (renderViewButton) serves the malicious PDF without adequate output encoding or sandboxing, enabling XSS execution (CWE-79). The PoC demonstrates this through admin-uploaded PDFs triggering alerts when viewed, indicating insufficient validation at both upload and rendering stages. The high confidence in the upload function comes from explicit references to the document upload panel in attack steps, while the rendering function is inferred from the Document Container module's role in serving content.
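A defender-side check covering both stages named above, added here as an example that is not Miggo's or Zenario's own code: a raw-token scan of an uploaded PDF for action and script dictionaries (normalizing PDF's #xx name escapes so a disguised /OpenAction is still caught), plus the response headers that keep a stored PDF from running script in the site's origin when it is served. All function names and the sample PDF bytes are constructed for this illustration.

```python
import re

# PDF name tokens that make a viewer run an action or script when the file is opened.
ACTIVE_CONTENT_NAMES = {"/OpenAction", "/AA", "/JavaScript", "/JS", "/Launch",
                        "/URI", "/SubmitForm", "/ImportData"}

_NAME_RE = re.compile(rb"/[^\s/\[\]<>(){}%]*")
_HEX_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def _decode_name(raw: bytes) -> str:
    # A PDF name may spell characters as #xx (e.g. /Open#41ction == /OpenAction),
    # which defeats a naive substring match, so normalize before comparing.
    decoded = _HEX_ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)
    return decoded.decode("latin-1")


def scan_pdf_for_active_content(data: bytes) -> list[str]:
    """Return the sorted set of risky name tokens present in the raw PDF bytes.

    Caveat: names inside compressed object streams (/ObjStm with a /FlateDecode
    filter) are not visible to a raw scan, so treat this as a cheap first gate
    and rely on download_headers() as the mitigation that always applies.
    """
    if not data.startswith(b"%PDF-"):
        raise ValueError("not a PDF file")
    found = {_decode_name(m) for m in _NAME_RE.findall(data)}
    return sorted(found & ACTIVE_CONTENT_NAMES)


def download_headers(filename: str) -> dict[str, str]:
    # Serve stored documents as an attachment in a sandboxed, no-sniff response,
    # so a PDF that slipped past the scan is downloaded rather than rendered inline.
    safe_name = re.sub(r"[^A-Za-z0-9._-]", "_", filename)
    return {
        "Content-Type": "application/pdf",
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }


# Constructed sample inputs (not real files): a plain PDF, and one carrying an
# OpenAction JavaScript hook with the name escaped to evade substring matching.
CLEAN_PDF = b"%PDF-1.4\n1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n%%EOF\n"
ACTIVE_PDF = (b"%PDF-1.4\n1 0 obj << /Type /Catalog /Pages 2 0 R "
              b"/Open#41ction << /S /JavaScript /JS (placeholder) >> >> endobj\n%%EOF\n")
```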


WAF Protection Rules

WAF Rule

Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site Scripting (XSS) attack.
