CVE-2025-2304

A Privilege Escalation through a Mass Assignment exists in Camaleon CMS When a user wishes to change his password, the 'updated_ajax' method of the UsersController is called. The vulnerability stems from the use of the dangerous permit! method, which allows all parameters to pass through without any filtering.

CVSS

No CVSS.

References

Link	Resource
https://github.com/owen2345/camaleon-cms
https://www.tenable.com/security/research/tra-2025-09

Configurations

No configuration.

History

14 Mar 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-14 13:15

Updated : 2025-03-14 13:15

NVD link : CVE-2025-2304

Mitre link : CVE-2025-2304

CVE.ORG link : CVE-2025-2304

JSON object : View

Products Affected

No product.

CWE

CWE-915

Improperly Controlled Modification of Dynamically-Determined Object Attributes

{"id": "CVE-2025-2304", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "vulnreport@tenable.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.4, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-03-14T13:15:41.160", "references": [{"url": "https://github.com/owen2345/camaleon-cms", "source": "vulnreport@tenable.com"}, {"url": "https://www.tenable.com/security/research/tra-2025-09", "source": "vulnreport@tenable.com"}], "vulnStatus": "Received", "weaknesses": [{"type": "Secondary", "source": "vulnreport@tenable.com", "description": [{"lang": "en", "value": "CWE-915"}]}], "descriptions": [{"lang": "en", "value": "A Privilege Escalation through a Mass Assignment exists in Camaleon CMS\n\nWhen a user wishes to change his password, the 'updated_ajax' method of the UsersController is called. The vulnerability stems from the use of the dangerous permit!\u00a0method, which allows all parameters to pass through without any filtering."}], "lastModified": "2025-03-14T13:15:41.160", "sourceIdentifier": "vulnreport@tenable.com"}

CVE-2025-2304

JSON object

Attach tags to CVE-2025-2304

Attach tags to `CVE-2025-2304`