Описание
SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code.
SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-26846
- https://blog.spip.net/Mise-a-jour-critique-de-securite-sorties-de-SPIP-4-0-5-et-SPIP-3-2-14.html
- https://git.spip.net/spip/medias/commit/3014b845da2dd8ad15ff04b50fd9dbba388a9ca2
- https://lists.debian.org/debian-lts-announce/2022/03/msg00020.html
- https://lists.debian.org/debian-security-announce/2022/msg00060.html
Связанные уязвимости
CVSS3: 8.8
ubuntu
почти 4 года назад
SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code.
CVSS3: 8.8
nvd
почти 4 года назад
SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code.
CVSS3: 8.8
debian
почти 4 года назад
SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated ed ...