exploitDog

GHSA-422q-cf96-8cqm

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.

Ссылки

EPSS

Процентиль: 75%

0.00905

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-502

Связанные уязвимости

CVE-2019-9057

CVSS3: 8.8

nvd

почти 7 лет назад

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.

EPSS

Процентиль: 75%

0.00905

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-502