CVE request: PHP object insertion in Contao CMS <= 3.2.5

[Pedro Ribeiro <pedrib () gmail com>]

Hi,

I have discovered a vulnerability that might lead to code execution in
Contao CMS <= 3.2.4
Contao CMS <= 3.2.4 does not properly validate user input in several
locations which is then passed directly into PHP's unserialize.

This has been fixed in Contao 2.3.5 as per commit:
https://github.com/contao/core/commit/8c9cb044bdc887a8202bb65a64545c025664f957
and
https://github.com/contao/core/commit/1717336598fdcf1ed3f4ad488e140147cb31516d

Announcements can be found at

https <https://contao.org/en/news/contao-3_2_5.html>://<https://contao.org/en/news/contao-3_2_5.html>
contao.org <https://contao.org/en/news/contao-3_2_5.html>/<https://contao.org/en/news/contao-3_2_5.html>
en <https://contao.org/en/news/contao-3_2_5.html>/news/<https://contao.org/en/news/contao-3_2_5.html>
contao <https://contao.org/en/news/contao-3_2_5.html>-3_2_5.<https://contao.org/en/news/contao-3_2_5.html>
html <https://contao.org/en/news/contao-3_2_5.html>

https <https://contao.org/en/news/contao-2_11_14.html>://<https://contao.org/en/news/contao-2_11_14.html>
contao.org <https://contao.org/en/news/contao-2_11_14.html>/<https://contao.org/en/news/contao-2_11_14.html>
en <https://contao.org/en/news/contao-2_11_14.html>/news/<https://contao.org/en/news/contao-2_11_14.html>
contao <https://contao.org/en/news/contao-2_11_14.html>-2_11_14.<https://contao.org/en/news/contao-2_11_14.html>
html <https://contao.org/en/news/contao-2_11_14.html>

Thanks to the Contao developers for being so responsive.
The full report can be found at my repo in
https://github.com/pedrib/PoC/blob/master/contao-3.2.4.txt

Can you please assign a CVE for the vulnerability described above?

Thanks in advance.

Regards,

Pedro Ribeiro
Agile Information Security