Описание
A XSLT Server Side injection vulnerability in the Import Jobs function of FireBear Improved Import And Export v3.8.6 allows attackers to execute arbitrary commands via a crafted XSLT file.
Ссылки
- Exploit
- Third Party AdvisoryVDB Entry
- Exploit
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:firebearstudio:improved_import_\&_export:3.8.6:*:*:*:*:magento:*:*
EPSS
Процентиль: 29%
0.00105
Низкий
7.2 High
CVSS3
9.1 Critical
CVSS3
Дефекты
CWE-91
CWE-91
Связанные уязвимости
CVSS3: 9.1
github
почти 2 года назад
A XSLT Server Side injection vulnerability in the Import Jobs function of FireBear Improved Import And Export v3.8.6 allows attackers to execute arbitrary commands via a crafted XSLT file.
EPSS
Процентиль: 29%
0.00105
Низкий
7.2 High
CVSS3
9.1 Critical
CVSS3
Дефекты
CWE-91
CWE-91