exploitDog

GHSA-8vr7-mc5w-34ff

Опубликовано: 26 июн. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code.

An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code.

Ссылки

EPSS

Процентиль: 99%

0.81438

Высокий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2023-33404

CVSS3: 9.8

nvd

больше 2 лет назад

An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code.

EPSS

Процентиль: 99%

0.81438

Высокий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-434