Описание
An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:monstra:monstra_cms:3.0.4:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.0023
Низкий
6.5 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-434
Связанные уязвимости
github
больше 3 лет назад
An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files.
EPSS
Процентиль: 46%
0.0023
Низкий
6.5 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-434