exploitDog

GHSA-q8x8-9m2h-346g

Опубликовано: 20 дек. 2024

Источник: github

Github: Не прошло ревью

CVSS4: 8.7

CVSS3: 8.8

Описание

There is an unrestricted file upload vulnerability where it is possible for an authenticated user (low privileged) to upload an jsp shell and execute code with the privileges of user running the web server.

There is an unrestricted file upload vulnerability where it is possible for an authenticated user (low privileged) to upload an jsp shell and execute code with the privileges of user running the web server.

Ссылки

EPSS

Процентиль: 50%

0.00263

Низкий

8.7 High

CVSS4

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2024-12700

CVSS3: 8.8

nvd

около 1 года назад

There is an unrestricted file upload vulnerability where it is possible for an authenticated user (low privileged) to upload an jsp shell and execute code with the privileges of user running the web server.

EPSS

Процентиль: 50%

0.00263

Низкий

8.7 High

CVSS4

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434