exploitDog

GHSA-2x7q-53h6-xvhj

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code Execution because authenticated administrators have a reachable call to unserialize in the Gdn_Format class.

Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code Execution because authenticated administrators have a reachable call to unserialize in the Gdn_Format class.

Ссылки

EPSS

Процентиль: 84%

0.0231

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-502

Связанные уязвимости

CVE-2018-19499

CVSS3: 7.2

nvd

около 7 лет назад

Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code Execution because authenticated administrators have a reachable call to unserialize in the Gdn_Format class.

EPSS

Процентиль: 84%

0.0231

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-502