CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-39317 – Wagtail regular expression denial-of-service via search query parsing
https://notcve.org/view.php?id=CVE-2024-39317
11 Jul 2024 — Wagtail is an open source content management system built on Django. A bug in Wagtail's `parse_query_string` would result in it taking a long time to process suitably crafted inputs. When used to parse sufficiently long strings of characters without a space, `parse_query_string` would take an unexpectedly large amount of time to process, resulting in a denial of service. In an initial Wagtail installation, the vulnerability can be exploited by any Wagtail admin user. It cannot be exploited by end users. • https://github.com/wagtail/wagtail/commit/31b1e8532dfb1b70d8d37d22aff9cbde9109cdf2 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-45809 – Disclosure of user names via admin bulk action views in wagtail
https://notcve.org/view.php?id=CVE-2023-45809
19 Oct 2023 — Wagtail is an open source content management system built on Django. A user with a limited-permission editor account for the Wagtail admin can make a direct URL request to the admin view that handles bulk actions on user accounts. While authentication rules prevent the user from making any changes, the error message discloses the display names of user accounts, and by modifying URL parameters, the user can retrieve the display name for any user. The vulnerability is not exploitable by an ordinary site visit... • https://github.com/wagtail/wagtail/commit/bc96aed6ac53f998b2f4c4bf97e2d4f5fe337e5b • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-425: Direct Request ('Forced Browsing') CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28837 – Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files
https://notcve.org/view.php?id=CVE-2023-28837
03 Apr 2023 — Wagtail is an open source content management system built on Django. Prior to versions 4.1.4 and 4.2.2, a memory exhaustion bug exists in Wagtail's handling of uploaded images and documents. For both images and documents, files are loaded into memory during upload for additional processing. A user with access to upload images or documents through the Wagtail admin interface could upload a file so large that it results in a crash of denial of service. The vulnerability is not exploitable by an ordinary site ... • https://docs.wagtail.org/en/stable/reference/settings.html#wagtailimages-max-upload-size • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28836 – Wagtail vulnerable to stored Cross-site Scripting attack via ModelAdmin views
https://notcve.org/view.php?id=CVE-2023-28836
03 Apr 2023 — Wagtail is an open source content management system built on Django. Starting in version 1.5 and prior to versions 4.1.4 and 4.2.2, a stored cross-site scripting (XSS) vulnerability exists on ModelAdmin views within the Wagtail admin interface. A user with a limited-permission editor account for the Wagtail admin could potentially craft pages and documents that, when viewed by a user with higher privileges, could perform actions with that user's credentials. The vulnerability is not exploitable by an ordina... • https://docs.wagtail.org/en/stable/reference/contrib/modeladmin/chooseparentview.html#customising-chooseparentview • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21683 – Comment reply notifications sent to incorrect users in wagtail
https://notcve.org/view.php?id=CVE-2022-21683
18 Jan 2022 — Wagtail is a Django based content management system focused on flexibility and user experience. When notifications for new replies in comment threads are sent, they are sent to all users who have replied or commented anywhere on the site, rather than only in the relevant threads. This means that a user could listen in to new comment replies on pages they have not have editing access to, as long as they have left a comment or reply somewhere on the site. A patched version has been released as Wagtail 2.15.2,... • https://github.com/wagtail/wagtail/commit/5fe901e5d86ed02dbbb63039a897582951266afd • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 3CVE-2021-32681 – Improper escaping of HTML ('Cross-site Scripting') in Wagtail StreamField blocks
https://notcve.org/view.php?id=CVE-2021-32681
17 Jun 2021 — Wagtail is an open source content management system built on Django. A cross-site scripting vulnerability exists in versions 2.13-2.13.1, versions 2.12-2.12.4, and versions prior to 2.11.8. When the `{% include_block %}` template tag is used to output the value of a plain-text StreamField block (`CharBlock`, `TextBlock` or a similar user-defined block derived from `FieldBlock`), and that block does not specify a template for rendering, the tag output is not properly escaped as HTML. This could allow users t... • https://github.com/wagtail/wagtail/releases/tag/v2.11.8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •