CVE-2023-28458
Published: 20 April 2023
Summary
CVE-2023-28458 is a medium-severity Path Traversal (CWE-22) vulnerability in pretalx. Its CVSS base score is 4.3 (Medium).
Operationally, it ranks in the top 1.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2023-28458 is a path traversal vulnerability in the pretalx event management system, affecting version 2.3.1 (fixed in 2.3.2). It resides in the non-default HTML export feature and stems from improper handling of file paths (CWE-22), enabling an authenticated user to cause an arbitrary file on the server to be overwritten with the contents of pretalx's standard 404 error page.
The issue can be exploited by conference organizers who have access to the HTML export functionality. By supplying a crafted path, an attacker can overwrite any file writable by the pretalx process, resulting in limited integrity impact without affecting confidentiality or availability. The vulnerability carries a CVSS 3.1 base score of 4.3, reflecting its network-accessible but low-privilege and low-impact nature.
Public references, including the pretalx security release announcement and the associated GitHub commit, indicate that the flaw is resolved in version 2.3.2. Administrators are advised to upgrade promptly, after which the HTML export feature no longer permits traversal to arbitrary paths.
The EPSS score has remained near its recorded peak of 0.7784 with a current value of 0.7680, indicating sustained but not sharply increasing exploitation interest since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-0205
Vulnerability details
pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Organizers can trigger the overwriting (with the standard pretalx 404 page content) of an arbitrary file.
- CWE(s): CWE-22
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Validates pathnames and filenames to prevent traversal outside intended directories.
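As an added illustration of this control (example code written here, not pretalx's own code and not the actual 2.3.2 fix), the following Python export writer resolves every requested file name against the export root and refuses to write unless the resolved path stays inside that root, which also catches symlinks pointing outside it. The function names and the temporary-directory setup are assumptions made for the example.

```python
import os
import tempfile
from pathlib import Path


class UnsafeExportPath(ValueError):
    """Raised when a requested export file would land outside the export root."""


def safe_export_path(export_root: str, requested: str) -> Path:
    """Return the absolute destination for `requested` inside `export_root`, or raise.

    Rejects empty and absolute names, any '..' segment, and symlink escapes by
    comparing the fully resolved target against the fully resolved root.
    """
    root = Path(export_root).resolve()
    # An absolute name would discard the root entirely: Path('/a') / '/b' == '/b'.
    if not requested or os.path.isabs(requested):
        raise UnsafeExportPath(f"empty or absolute export name: {requested!r}")
    # Refuse '..' outright rather than relying on normalisation alone.
    if ".." in Path(requested).parts:
        raise UnsafeExportPath(f"parent-directory segment in export name: {requested!r}")
    target = (root / requested).resolve()
    # Containment check on the *resolved* path: a symlink inside the root that
    # points elsewhere resolves to a path whose parents do not include the root.
    if root not in target.parents:
        raise UnsafeExportPath(f"export name escapes the export root: {requested!r}")
    return target


def is_safe_export_name(export_root: str, requested: str) -> bool:
    """Accept/reject predicate for callers that do not need the resolved path."""
    try:
        safe_export_path(export_root, requested)
        return True
    except UnsafeExportPath:
        return False


def write_export_file(export_root: str, requested: str, content: str) -> Path:
    """Write `content` only after the destination has passed the containment check."""
    target = safe_export_path(export_root, requested)
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_text(content, encoding="utf-8")
    return target


def make_demo_root() -> tuple:
    """Constructed fixture: a temp export root containing a symlink 'link' that
    points outside the root (if the platform allows symlinks). Returns (root, linked)."""
    base = tempfile.mkdtemp(prefix="export-demo-")
    root = os.path.join(base, "export")
    os.makedirs(root)
    try:
        os.symlink(base, os.path.join(root, "link"))
        return root, True
    except OSError:
        return root, False


if __name__ == "__main__":
    demo_root, _ = make_demo_root()
    for name in ("talks/index.html", "../outside.html", "/tmp/outside.html", "link/outside.html"):
        verdict = "accepted" if is_safe_export_name(demo_root, name) else "rejected"
        print(f"{name!r:22} -> {verdict}")
```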