exploitDog

GHSA-r99v-5qp5-2g28

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a crafted payload entered into the "Snippet content" field under the "Edit Snippet" module.

Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a crafted payload entered into the "Snippet content" field under the "Edit Snippet" module.

Ссылки

EPSS

Процентиль: 77%

0.01025

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-77

CWE-94

Связанные уязвимости

CVE-2020-23219

CVSS3: 8.8

nvd

больше 4 лет назад

Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a crafted payload entered into the "Snippet content" field under the "Edit Snippet" module.

EPSS

Процентиль: 77%

0.01025

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-77

CWE-94