Moderate severity · NVD Advisory · Published May 23, 2022 · Updated Aug 3, 2024
Authorization Bypass Through User-Controlled Key in publify/publify
CVE-2022-1810
Description
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| publify_core (RubyGems) | < 9.2.9 | 9.2.9 |
Affected products
- Range: unspecified
Patches
c0aba87844d1 Use only the main id parameter to find Article to update
2 files changed · +22 −2
publify_core/app/controllers/admin/content_controller.rb+2 −2 modified@@ -58,9 +58,9 @@ def create end def update - return unless access_granted?(params[:id]) + id = params[:id] + return unless access_granted?(id) - id = params[:article][:id] || params[:id] @article = Article.find(id) if params[:article][:draft]
publify_core/spec/controllers/admin/content_controller_spec.rb+20 −0 modified@@ -527,6 +527,26 @@ def base_article(options = {}) it { expect(article.reload.text_filter.name).to eq("textile") } it { expect(article.reload.body).to eq(body) } end + + context "with an owned article and another user's article" do + let(:article) { create(:article, body: "another *textile* test", user: publisher) } + let(:other_article) { create(:article, body: "other article") } + let(:body) { "not the *same* text" } + + before do + put :update, + params: { id: article.id, + article: { id: other_article.id, body: body } } + end + + it "ignores the extra id passed in the article parameters" do + aggregate_failures do + expect(response).to redirect_to(action: "index") + expect(article.reload.body).to eq(body) + expect(other_article.reload.body).not_to eq(body) + end + end + end end end
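Review bot: in the content_controller.rb hunk, the authorization check and the record lookup now resolve to the same value, which is the actual fix: before, `access_granted?(params[:id])` was evaluated against the top-level id while `Article.find(params[:article][:id] || params[:id])` could load a different article chosen by the nested id, so a user passing their own id outside and another user's id inside could update a record the check never covered. The nested `params[:article][:id]` is now simply ignored rather than rejected; unless the attribute filter applied later in `update` already excludes `id`, it is worth filtering it out explicitly so the stray key cannot reach the model through mass assignment.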
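Review bot: in the content_controller_spec.rb hunk, the regression test only proves the point if `other_article` belongs to someone other than `publisher`, but it is created with `create(:article, body: "other article")` and relies on the factory default user; adding an assertion such as `expect(other_article.user).not_to eq(publisher)` (or passing an explicit other user) keeps the test meaningful if the factory default ever changes. The three checks inside `aggregate_failures` (redirect, owned article updated, other article untouched) otherwise cover the reported bypass well.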
References
- github.com/advisories/GHSA-c273-c6vg-4pv5 (advisory, via GHSA)
- nvd.nist.gov/vuln/detail/CVE-2022-1810 (advisory, via GHSA)
- github.com/publify/publify/commit/c0aba87844d1e47da50c0d99a3465164a4d244ce (web, via GHSA)
- github.com/rubysec/ruby-advisory-db/blob/master/gems/publify_core/CVE-2022-1810.yml (web, via GHSA)
- huntr.dev/bounties/9b2d7579-032e-42da-b736-4b10a868eacb (web, via GHSA)