8.8
CVE-2023-50038
- EPSS 0.07%
- Veröffentlicht 28.12.2023 07:15:08
- Zuletzt bearbeitet 21.11.2024 08:36:29
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThere is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8, which leads to the loss of server permissions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Textpattern ≫ Textpattern Version4.8.8 Update-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.227 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-434 Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.