How severe is CVE-2019-9057?

CVE-2019-9057 has a CVSS v3 score of 8.8 (HIGH).

CVE-2019-9057

Name: cms_made_simple
Author: cmsmadesimple

8.8HIGH

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.

Publicado: 3/26/2019Actualizado: 11/21/2024

Descripción

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.

Análisis IAImpulsado por IA

Productos Afectados

cmsmadesimplecms_made_simple

Referencias

https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwg
Release NotesVendor Advisory
https://www.cmsmadesimple.org/2019/03/Announcing-CMS-Made-Simple-v2.2.10-Spuzzum
Release NotesVendor Advisory
https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwg
Release NotesVendor Advisory
https://www.cmsmadesimple.org/2019/03/Announcing-CMS-Made-Simple-v2.2.10-Spuzzum
Release NotesVendor Advisory