exploitDog

GHSA-2h59-fhpr-vfx4

Опубликовано: 27 сент. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests.

A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests.

Ссылки

EPSS

Процентиль: 100%

0.90105

Критический

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-91

Связанные уязвимости

CVE-2023-43187

CVSS3: 9.8

nvd

больше 2 лет назад

A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests.

EPSS

Процентиль: 100%

0.90105

Критический

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-91