説明
An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.
AI分析AIによる分析
影響を受ける製品
cmsmadesimplecms_made_simple
参照
- https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwgRelease NotesVendor Advisory
- https://www.cmsmadesimple.org/2019/03/Announcing-CMS-Made-Simple-v2.2.10-SpuzzumRelease NotesVendor Advisory
- https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwgRelease NotesVendor Advisory
- https://www.cmsmadesimple.org/2019/03/Announcing-CMS-Made-Simple-v2.2.10-SpuzzumRelease NotesVendor Advisory