CVE-2022-28960

Опубликовано: 19 мая 2022

Источник: ubuntu

Приоритет: high

CVSS2: 6.5

CVSS3: 8.8

Описание

A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	not-affected
esm-apps/bionic	released	3.1.4-4~deb9u5ubuntu0.1~esm2
esm-apps/focal	not-affected
esm-apps/jammy	not-affected
esm-apps/noble	not-affected
esm-apps/xenial	needed
focal	not-affected
impish	ignored	end of life
jammy	not-affected

Показывать по

6.5 Medium

CVSS2

8.8 High

CVSS3

CVE-2022-28960

CVSS3: 8.8

nvd

больше 3 лет назад

A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire.

CVE-2022-28960

CVSS3: 8.8

debian

больше 3 лет назад

A PHP injection vulnerability in Spip before v3.2.8 allows attackers t ...

GHSA-w2q8-6j3f-ccxf

CVSS3: 8.8

github

больше 3 лет назад

A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire.

6.5 Medium

CVSS2

8.8 High

CVSS3