exploitDog

GHSA-8vr7-qhvq-v25x

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

The Rich Text Formatter (Redactor) extension through v1.1.1 for Symphony CMS has an Unauthenticated arbitrary file upload vulnerability in content.fileupload.php and content.imageupload.php.

The Rich Text Formatter (Redactor) extension through v1.1.1 for Symphony CMS has an Unauthenticated arbitrary file upload vulnerability in content.fileupload.php and content.imageupload.php.

Ссылки

EPSS

Процентиль: 77%

0.01008

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2019-13187

CVSS3: 9.8

nvd

больше 6 лет назад

The Rich Text Formatter (Redactor) extension through v1.1.1 for Symphony CMS has an Unauthenticated arbitrary file upload vulnerability in content.fileupload.php and content.imageupload.php.

EPSS

Процентиль: 77%

0.01008

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-434