Responsible Disclosure - Security Issue #109
Hi François,
I can see the comment has been removed from GitHub. Do you want me to share it with you via email or GitHub?
--
Avinash.R OSCP, ECSA, CEH
Security Consultant
On Fri, Feb 26, 2021 at 5:11 PM Francois Planque <notifications@github.com> wrote:
Hello,
You can send me the info here.
Thank you.
François Planque
Chief of Evolution
b2evolution <http://b2evolution.net/> : The most integrated CMS ever
b2evolution includes everything you need to build websites for sharing and interacting with your community.
Follow us on: Twitter <https://twitter.com/b2evolution> • Facebook <https://www.facebook.com/b2evolution> • LinkedIn <http://www.linkedin.com/company/b2evolution-net> • Star us / Fork us on GitHub <https://github.com/b2evolution/b2evolution> !
> On 26 Feb 2021, at 11:12, Avinash ***@***.***> wrote:
>
> Hi Team,
> We have identified a Critical security issue and we would like to report it back to you since it is supposed to be fixed ASAP. We tried to contact you via the b2evolution forum. Since there was no response, we are just trying to reach you via all modes. Kindly help us with your mail id so we can report it directly to the correct person as part of responsible disclosure.
Hi Avinash, I sent an email to Partha who contacted me on the forums.
Hi François, mail has been sent. And let's keep this issue open until we have released a fix.
@de-adshot @fplanque
Only users who have access to collections in the backoffice would be able to use this exploit. These are typically trusted users. So the severity of the issue is LOW.
Fix included here: https://b2evolution.net/downloads/7-2-3-stable
@farfallosa I have not tested in 6.11.x. The vulnerability was tested and identified on 7.2.2. @fplanque this issue can be said to be a trust issue. To be noted, there are multiple user privileges that can have access to collections, as mentioned in the mail. Also, multiple external attack vectors are available, and one of them can be social engineering. CVSS 3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Considering the above facts, the vulnerability will fall under the HIGH category. The type of vulnerability which was reported will never fall under the LOW category in any circumstances. Hence we shall conclude that this vulnerability falls under HIGH severity.
@fplanque you fixed the security issue in 7.2.3, but is there a fix for 6.11.5 or 6.11.7, too? Maybe the issue was closed too soon.
We (unpaid core developers) do not support v6 any more.
Thank you to Avinash, Balaji Ayyasamy and Parthasarathi S for finding and reporting this issue: Avinash - https://www.linkedin.com/in/avinashranalyst/
A walkthrough for the identified vulnerability is as below,
Hi All,
@fplanque Hi, I have requested an update on the name update via your b2evolution mail. Can you look into that?
Hi Team,
We have identified a Critical security issue and we would like to report it back to you since it is supposed to be fixed ASAP. We tried to contact you via the b2evolution forum. Since there was no response, we are just trying to reach you via all modes. Kindly help us with your mail id so we can report it directly to the correct person as part of responsible disclosure.