Описание
An issue was discovered in Cuppa CMS Versions Before 31 Jan 2021 allows authenticated attackers to gain escalated privileges via a crafted POST request using the user_group_id_field parameter.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 31\/jan\/2021 (исключая)
cpe:2.3:a:cuppacms:cuppacms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00501
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
CVSS3: 8.8
github
около 4 лет назад
An issue was discovered in Cuppa CMS Versions Before 31 Jan 2021 allows authenticated attackers to gain escalated privileges via a crafted POST request using the user_group_id_field parameter.
EPSS
Процентиль: 65%
0.00501
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
NVD-CWE-Other