Description

Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

Remediation

References

CVE-2020-28949

Related Vulnerabilities

WordPress Plugin Sliced Invoices-WordPress Invoice Multiple Vulnerabilities (3.8.2)

WordPress Plugin Business Manager-WordPress ERP, HR, CRM, and Project Management Cross-Site Scripting (1.4.5)

TYPO3 Improper Input Validation Vulnerability (CVE-2019-11832)

WordPress Plugin Print My Blog-Print, PDF, & eBook Converter Server-Side Request Forgery (1.6.5)

ProjectSend Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11378)

Severity

High

Classification

CVE-2020-28949 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities