CVE-2023-50264 - Unspecified vulnerability in Bazarr
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: NONE
Summary
Bazarr manages and downloads subtitles. Prior to 1.3.1, Bazarr contains an arbitrary file read vulnerability: the /system/backup/download/ endpoint in bazarr/app/ui.py does not validate the user-controlled filename variable and passes it to the send_file function, which leads to an arbitrary file read on the system. This issue is fixed in version 1.3.1.
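Added example (not Bazarr's code and not the upstream fix): the unchecked pattern the summary describes next to the path-confinement check a /system/backup/download/ handler should apply before handing the name to Flask's send_file. BACKUP_DIR is a constructed placeholder directory.

```python
import os

# Constructed placeholder; a real handler would use the app's configured backup dir.
BACKUP_DIR = "/tmp/bazarr_backup_example"


class UnsafeFilename(ValueError):
    """Raised when a requested filename would escape the backup directory."""


def unchecked_download_path(backup_dir: str, filename: str) -> str:
    """The vulnerable pattern: user input joined straight into the path.

    os.path.join discards `backup_dir` when `filename` is absolute, and '..'
    segments walk out of it, so the path handed to send_file is caller-chosen.
    """
    return os.path.normpath(os.path.join(backup_dir, filename))


def resolve_backup_path(backup_dir: str, filename: str) -> str:
    """Hardened form: return the absolute path of `filename` inside `backup_dir`.

    Rejects empty and dot names, absolute paths, any path separator or NUL, and
    any name whose resolved location is outside `backup_dir`.
    """
    if not filename or filename in (".", ".."):
        raise UnsafeFilename("empty or dot filename")
    # A download endpoint only needs a bare file name, so any separator is a
    # red flag; rejecting it up front keeps the check independent of the OS.
    if os.path.isabs(filename) or "/" in filename or "\\" in filename or "\x00" in filename:
        raise UnsafeFilename(f"rejected filename: {filename!r}")
    root = os.path.realpath(backup_dir)
    candidate = os.path.realpath(os.path.join(root, filename))
    # Defence in depth: confirm the resolved path is still under the root
    # (catches a symlink inside the backup dir that points elsewhere).
    if os.path.commonpath([root, candidate]) != root:
        raise UnsafeFilename(f"path escapes backup dir: {candidate!r}")
    return candidate


def is_safe_backup_name(backup_dir: str, filename: str) -> bool:
    """Predicate wrapper: True only if resolve_backup_path accepts the name."""
    try:
        resolve_backup_path(backup_dir, filename)
    except UnsafeFilename:
        return False
    return True
```

The handler would call resolve_backup_path and return a 400 on UnsafeFilename instead of ever reaching send_file with a raw name.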
Vulnerable Configurations
References
- https://github.com/morpheus65535/bazarr/commit/17add7fbb3ae1919a40d505470d499d46df9ae6b
- https://github.com/morpheus65535/bazarr/releases/tag/v1.3.1
- https://securitylab.github.com/advisories/GHSL-2023-192_GHSL-2023-194_bazarr/