exploitDog

CVE-2022-47003

Опубликовано: 01 фев. 2023

Источник: nvd

CVSS3: 9.8

EPSS Средний

Описание

A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to bypass authentication via a crafted web request.

Ссылки

http://mura.com
Not Applicable
https://hoyahaxa.blogspot.com/2023/01/preliminary-security-advisory.html
Patch
Third Party Advisory
https://hoyahaxa.blogspot.com/2023/03/authentication-bypass-mura-masa.html
https://www.masacms.com/
Not Applicable
https://www.murasoftware.com/mura-cms/
Product
http://mura.com
Not Applicable
https://hoyahaxa.blogspot.com/2023/01/preliminary-security-advisory.html
Patch
Third Party Advisory
https://hoyahaxa.blogspot.com/2023/03/authentication-bypass-mura-masa.html
https://www.masacms.com/
Not Applicable
https://www.murasoftware.com/mura-cms/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:murasoftware:mura_cms:*:*:*:*:*:*:*:*

Версия до 10.0.580 (исключая)

EPSS

Процентиль: 96%

0.29192

Средний

9.8 Critical

CVSS3

Дефекты

NVD-CWE-Other

CWE-287

Связанные уязвимости

GHSA-q3p4-9xc9-mmhf

CVSS3: 9.8

github

около 3 лет назад

A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to bypass authentication via a crafted web request.

EPSS

Процентиль: 96%

0.29192

Средний

9.8 Critical

CVSS3

Дефекты

NVD-CWE-Other

CWE-287