exploitDog

CVE-2023-37692

Опубликовано: 26 июл. 2023

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted file.

Ссылки

https://okankurtulus.com.tr/2023/07/24/october-cms-v3-4-4-stored-cross-site-scripting-xss-authenticated/
Exploit
Third Party Advisory
https://okankurtulus.com.tr/2023/07/24/october-cms-v3-4-4-stored-cross-site-scripting-xss-authenticated/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:octobercms:october:3.4.4:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00305

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-r47v-rxcg-p28j

CVSS3: 5.4

github

больше 2 лет назад

Stored Cross-Site Scripting October CMS

EPSS

Процентиль: 53%

0.00305

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79