exploitDog

GHSA-25jh-rpgw-34vr

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution.

An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution.

Ссылки

EPSS

Процентиль: 87%

0.03585

Низкий

CVE ID

Связанные уязвимости

CVE-2021-40099

CVSS3: 7.2

nvd

около 4 лет назад

An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution.

EPSS

Процентиль: 87%

0.03585

Низкий

CVE ID