{"id":"CVE-2024-52292","summary":"Craft Allows Attackers to Read Arbitrary System Files","details":"Craft is a content management system (CMS). The dataUrl template function accepts an absolute file path, reads the file's content, and returns it as a Base64-encoded string; it does not restrict which path may be read. An attacker who already has write permission on system notification templates (an authenticated, privileged user, consistent with PR:L in the CVSS vector, not an anonymous visitor) can embed a dataUrl call pointing at an arbitrary server path in such a template. When a system email notification is triggered, the Base64-encoded file content is sent out in that email, and the attacker decodes it to recover the file. The read is performed by the application process, so exposure is limited to files that process can read, but any such file, including ones outside the web root, can be exfiltrated. This is fixed in 5.4.9 and 4.12.8.","aliases":["GHSA-cw6g-qmjq-6w2w"],"modified":"2026-03-01T02:54:50.623260Z","published":"2024-11-13T16:08:32.698Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/52xxx/CVE-2024-52292.json","cna_assigner":"GitHub_M","cwe_ids":["CWE-22","CWE-552"]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/52xxx/CVE-2024-52292.json"},{"type":"ADVISORY","url":"https://github.com/craftcms/cms/security/advisories/GHSA-cw6g-qmjq-6w2w"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52292"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/craftcms/cms","events":[{"introduced":"4ec99c746bfa1461473ea0e2274adefcf00b385b"},{"fixed":"8c354fc15b0fba8a8b9363f0f98883a76e57795f"}],"database_specific":{"versions":[{"introduced":"5.0.0-alpha.1"},{"fixed":"5.4.9"}]}},{"type":"GIT","repo":"https://github.com/craftcms/cms","events":[{"introduced":"47fb8c41b0a0349a010f2090619e6e062aea6999"},{"fixed":"4477bfd70abefa77c34574238499764522a6ff4f"}],"database_specific":{"versions":[{"introduced":"3.5.13"},{"fixed":"4.12.8"}]}}],"versions":["3.5.13","3.5.13.1","3.5.13.2","3.5.14","3.5.15","3.5.15.1","3.5.16","3.5.17","3.5.17.1","3.5.18","3.5.19","3.5.19.1","3.6.0","3.6.0-RC1
","3.6.0-RC2","3.6.0-RC2.1","3.6.0-RC3","3.6.0-RC4","3.6.0-beta.1","3.6.0-beta.1.1","3.6.0-beta.2","3.6.0.1","3.6.1","3.6.10","3.6.11","3.6.11.1","3.6.11.2","3.6.12","3.6.12.1","3.6.13","3.6.14","3.6.15","3.6.16","3.6.17","3.6.18","3.6.2","3.6.3","3.6.4","3.6.4.1","3.6.5","3.6.5.1","3.6.6","3.6.7","3.6.8","3.6.9","3.7.0","3.7.0-beta.1","3.7.0-beta.2","3.7.0-beta.3","3.7.0-beta.4","3.7.0-beta.5","3.7.0-beta.6","3.7.1","3.7.10","3.7.11","3.7.12","3.7.13","3.7.14","3.7.15","3.7.16","3.7.17","3.7.17.1","3.7.17.2","3.7.18","3.7.18.1","3.7.18.2","3.7.19","3.7.19.1","3.7.2","3.7.20","3.7.21","3.7.22","3.7.23","3.7.24","3.7.25","3.7.25.1","3.7.26","3.7.27","3.7.27.1","3.7.27.2","3.7.28","3.7.29","3.7.3","3.7.3.1","3.7.3.2","3.7.30","3.7.30.1","3.7.31","3.7.32","3.7.33","3.7.34","3.7.35","3.7.36","3.7.37","3.7.38","3.7.39","3.7.4","3.7.40","3.7.40.1","3.7.41","3.7.42","3.7.43","3.7.44","3.7.45","3.7.45.1","3.7.45.2","3.7.46","3.7.47","3.7.47.1","3.7.48","3.7.49","3.7.5","3.7.50","3.7.51","3.7.52","3.7.53","3.7.53.1","3.7.54","3.7.55","3.7.55.1","3.7.55.2","3.7.55.3","3.7.56","3.7.57","3.7.58","3.7.59","3.7.6","3.7.60","3.7.61","3.7.62","3.7.63","3.7.63.1","3.7.64","3.7.64.1","3.7.65","3.7.65.1","3.7.65.2","3.7.66","3.7.67","3.7.68","3.7.7","3.7.8","3.7.9","3.8.0","3.8.0-beta.1","3.8.0-beta.2","3.8.0-beta.3","3.8.0-beta.4","3.8.0-beta.5","3.8.0-beta.6","3.8.1","3.8.10","3.8.10.1","3.8.10.2","3.8.11","3.8.12","3.8.13","3.8.14","3.8.15","3.8.16","3.8.17","3.8.2","3.8.3","3.8.4","3.8.5","3.8.6","3.8.7","3.8.8","3.8.9","3.9.0","3.9.1","3.9.10","3.9.11","3.9.12","3.9.13","3.9.2","3.9.3","3.9.4","3.9.5","3.9.6","4.0.0","4.0.0-RC1","4.0.0-RC2","4.0.0-RC3","4.0.0-alpha.1","4.0.0-beta.1","4.0.0-beta.2","4.0.0-beta.3","4.0.0-beta.4","4.0.0.1","4.0.1","4.0.2","4.0.3","4.0.4","4.0.5","4.0.5.1","4.0.5.2","4.0.6","4.1.0","4.1.0.1","4.1.0.2","4.1.1","4.1.2","4.1.3","4.1.4","4.1.4.1","4.10.0","4.10.0-beta.1","4.10.0-beta.2","4.10.1","4.10.2","4.10.3","4.10.4","4.10.5","4.10.6","4.10.7","4.10
.8","4.11.0","4.11.0.1","4.11.0.2","4.11.1","4.11.2","4.11.3","4.11.4","4.11.5","4.12.0","4.12.1","4.12.2","4.12.3","4.12.4","4.12.4.1","4.12.5","4.12.6","4.12.6.1","4.12.7","4.12.8","4.2.0","4.2.0.1","4.2.0.2","4.2.1","4.2.1.1","4.2.2","4.2.3","4.2.4","4.2.5","4.2.5.1","4.2.5.2","4.2.6","4.2.7","4.2.8","4.3.0","4.3.1","4.3.10","4.3.11","4.3.2","4.3.2.1","4.3.3","4.3.4","4.3.5","4.3.6","4.3.6.1","4.3.7","4.3.7.1","4.3.8","4.3.8.1","4.3.8.2","4.3.9","4.4.0","4.4.0-beta.1","4.4.0-beta.2","4.4.0-beta.3","4.4.0-beta.4","4.4.0-beta.5","4.4.0-beta.6","4.4.0-beta.7","4.4.1","4.4.10","4.4.10.1","4.4.11","4.4.12","4.4.13","4.4.14","4.4.15","4.4.16","4.4.16.1","4.4.17","4.4.2","4.4.3","4.4.4","4.4.5","4.4.6","4.4.6.1","4.4.7","4.4.7.1","4.4.8","4.4.9","4.5.0","4.5.0-beta.1","4.5.0-beta.2","4.5.1","4.5.10","4.5.11","4.5.11.1","4.5.12","4.5.13","4.5.14","4.5.15","4.5.2","4.5.3","4.5.4","4.5.5","4.5.6","4.5.6.1","4.5.7","4.5.8","4.5.9","4.6.0","4.6.0-RC1","4.6.1","4.7.0","4.7.1","4.7.2","4.7.2.1","4.7.3","4.7.4","4.8.0","4.8.1","4.8.10","4.8.11","4.8.2","4.8.3","4.8.4","4.8.5","4.8.6","4.8.7","4.8.8","4.8.9","4.9.0","4.9.1","4.9.2","4.9.3","4.9.4","4.9.5","4.9.6","4.9.7","5.0.0","5.0.0-RC1","5.0.0-alpha.1","5.0.0-alpha.10","5.0.0-alpha.11","5.0.0-alpha.12","5.0.0-alpha.13","5.0.0-alpha.2","5.0.0-alpha.3","5.0.0-alpha.4","5.0.0-alpha.5","5.0.0-alpha.6","5.0.0-alpha.7","5.0.0-alpha.8","5.0.0-alpha.9","5.0.0-beta.1","5.0.0-beta.10","5.0.0-beta.11","5.0.0-beta.2","5.0.0-beta.3","5.0.0-beta.4","5.0.0-beta.5","5.0.0-beta.6","5.0.0-beta.7","5.0.0-beta.8","5.0.0-beta.9","5.0.1","5.0.2","5.0.3","5.0.4","5.0.5","5.0.6","5.1.0","5.1.1","5.1.10","5.1.2","5.1.3","5.1.4","5.1.5","5.1.6","5.1.7","5.1.8","5.1.9","5.2.0","5.2.0-beta.1","5.2.0-beta.2","5.2.0-beta.3","5.2.0-beta.4","5.2.0-beta.5","5.2.0-beta.6","5.2.1","5.2.10","5.2.2","5.2.3","5.2.4","5.2.4.1","5.2.5","5.2.6","5.2.7","5.2.8","5.2.9","5.3.0","5.3.0-beta.1","5.3.0-beta.2","5.3.0.1","5.3.0.2","5.3.0.3","5.3.1","5.3.2","5.3.3","5.3.4
","5.3.5","5.3.6","5.4.0","5.4.0.1","5.4.1","5.4.2","5.4.3","5.4.4","5.4.5","5.4.5.1","5.4.6","5.4.7","5.4.7.1","5.4.8","@craftcms/sass@1.0.0","@craftcms/sass@1.0.1","@craftcms/webpack@0.0.1","@craftcms/webpack@0.1.0","@craftcms/webpack@0.2.0","@craftcms/webpack@0.3.0","@craftcms/webpack@0.3.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52292.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"}]}