"We run a non-profit summer camp and hired Ricochet to design our camper and staff database from scratch. Their initial design was custom fit to suit our needs and as those needs have evolved the helpful staff at Ricochet have insured that timely changes keep our database up to date and running smoothly. Thanks for the fantastic service and personal attention, it's made a huge difference for our camp!"
—Chrissie Endler, Camp del Corazon

File Chooser Field - Moderately critical - Server Side Request Forgery, Information Disclosure - SA-CONTRIB-2023-015

Wed, 2023-05-17 09:46 — Anonymous (not verified)

Project: File Chooser FieldDate: 2023-May-17Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:None/E:Exploit/TD:AllVulnerability: Server Side Request Forgery, Information DisclosureDescription: The File Chooser Field allows users to upload files using 3rd party plugins such as Google Drive and Dropbox.
This module fails to validate user input sufficiently which could under certain circumstances lead to a Server Side Request Forgery (SSRF) vulnerability leading to Information Disclosure. In uncommon configurations and scenarios, it might lead to Remote Code Execution.Solution:

If you use File Chooser Field version 7.x-1.x, Upgrade to 7.x-1.13

Reported By:

Drew Webber of the Drupal Security Team
George Hazlewood

Fixed By:

Drew Webber of the Drupal Security Team
aaron.ferris

Coordinated By:

Greg Knaddison of the Drupal Security Team

Path to article https://www.drupal.org/sa-contrib-2023-015

Search form

File Chooser Field - Moderately critical - Server Side Request Forgery, Information Disclosure - SA-CONTRIB-2023-015