How severe is CVE-2019-9057?

CVE-2019-9057 has a CVSS v3 score of 8.8 (HIGH).

CVE-2019-9057

Name: cms_made_simple
Author: cmsmadesimple

8.8HIGH

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.

Published: 3/26/2019Updated: 11/21/2024

Description

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.

AI AnalysisPowered by AI

Affected Products

cmsmadesimplecms_made_simple

References

https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwg
Release NotesVendor Advisory
https://www.cmsmadesimple.org/2019/03/Announcing-CMS-Made-Simple-v2.2.10-Spuzzum
Release NotesVendor Advisory
https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwg
Release NotesVendor Advisory
https://www.cmsmadesimple.org/2019/03/Announcing-CMS-Made-Simple-v2.2.10-Spuzzum
Release NotesVendor Advisory