CVE-2024-39311

Publify is a self hosted Web publishing platform on Rails. Prior to version 10.0.1 of Publify, corresponding to versions prior to 10.0.2 of the `publify_core` rubygem, publisher on a `publify` application is able to perform a cross-site scripting (XSS) attack on an administrator using the redirect functionality. The exploitation of this XSS vulnerability requires the administrator to click a malicious link. An attack could attempt to hide their payload by using HTML, or other encodings, as to not make it obvious to an administrator that this is a malicious link. A publisher may attempt to use this vulnerability to escalate their privileges and become an administrator. Version 10.0.1 of Publify and version 10.0.2 of the `publify_core` rubygem fix the issue.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/publify/publify/security/advisories/GHSA-8fm5-gg2f-f66q	Exploit Vendor Advisory
https://github.com/publify/publify/security/advisories/GHSA-8fm5-gg2f-f66q	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:publify:publify:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:publify:publify_core:*:*:*:*:*:ruby:*:*

History

14 Apr 2025, 14:24

Type	Values Removed	Values Added
References	~~() https://github.com/publify/publify/security/advisories/GHSA-8fm5-gg2f-f66q -~~	() https://github.com/publify/publify/security/advisories/GHSA-8fm5-gg2f-f66q - Exploit, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.4
Summary		(es) Publify es una plataforma de publicación web autoalojada en Rails. Antes de la versión 10.0.1 de Publify, correspondiente a las versiones anteriores a la 10.0.2 de la gema `publify_core`, un editor en una aplicación `publify` podía realizar un ataque de Cross Site Scripting (XSS) contra un administrador mediante la función de redireccionamiento. Para explotar esta vulnerabilidad XSS, el administrador debe hacer clic en un enlace malicioso. Un ataque podría intentar ocultar su payload mediante HTML u otras codificaciones para que el administrador no note que se trata de un enlace malicioso. Un editor podría intentar aprovechar esta vulnerabilidad para aumentar sus privilegios y convertirse en administrador. Las versiones 10.0.1 de Publify y 10.0.2 de la gema `publify_core` solucionan el problema.
First Time		Publify Publify publify Core Publify publify
CPE		cpe:2.3:a:publify:publify:::::::: cpe:2.3:a:publify:publify_core::::::ruby::*

28 Mar 2025, 16:15

Type	Values Removed	Values Added
References	~~() https://github.com/publify/publify/security/advisories/GHSA-8fm5-gg2f-f66q -~~	() https://github.com/publify/publify/security/advisories/GHSA-8fm5-gg2f-f66q -

28 Mar 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-28 15:15

Updated : 2025-04-14 14:24

NVD link : CVE-2024-39311

Mitre link : CVE-2024-39311

CVE.ORG link : CVE-2024-39311

JSON object : View

Products Affected

publify

publify_core
publify

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

5.4 /10