exploitDog

GHSA-xxhr-8f54-6m66

Опубликовано: 06 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the Attachment Upload function.

Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the Attachment Upload function.

Ссылки

EPSS

Процентиль: 42%

0.00198

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2022-26619

CVSS3: 7.5

nvd

почти 4 года назад

Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the Attachment Upload function.

EPSS

Процентиль: 42%

0.00198

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-434