Vulnerabilities > CVE-2021-25971 - Improper Handling of Exceptional Conditions vulnerability in Tuzitio Camaleon CMS
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
LOW Summary
In Camaleon CMS, versions 2.0.1 to 2.6.0 are vulnerable to an Uncaught Exception. The app's media upload feature crashes permanently when an attacker with a low privileged access uploads a specially crafted .svg file
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://github.com/owen2345/camaleon-cms/commit/ab89584ab32b98a0af3d711e3f508a1d048147d2
- https://github.com/owen2345/camaleon-cms/commit/ab89584ab32b98a0af3d711e3f508a1d048147d2
- https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25971
- https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25971