CVE-2020-36389 – CiviCRM < 5.28.1 - Cross-Site Request Forgery to Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2020-36389
In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEditor configuration form allows CSRF. The CiviCRM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via improper CSRF checks in the CKEditor Configuration Form in versions up to, and including, 5.28.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References:
https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained
https://civicrm.org/advisory/civi-sa-2020-11-csrf-ckeditor-configuration-form
Weakness: CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2020-36388
https://notcve.org/view.php?id=CVE-2020-36388
In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive.
References:
https://blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained
https://civicrm.org/advisory/civi-sa-2020-03
Weakness: CWE-434: Unrestricted Upload of File with Dangerous Type