exploitDog

GHSA-6453-4vff-qg82

Опубликовано: 12 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file.

An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file.

Ссылки

EPSS

Процентиль: 72%

0.00701

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-47053

CVSS3: 5.4

nvd

почти 3 года назад

An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file.

EPSS

Процентиль: 72%

0.00701

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79