exploitDog

GHSA-qpjh-5v68-gc8g

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden.

In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden.

Ссылки

EPSS

Процентиль: 0%

0.00006

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2017-7989

CVSS3: 6.5

nvd

почти 9 лет назад

In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden.

EPSS

Процентиль: 0%

0.00006

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-434