CVE-2019-9057
8.8HIGHAn issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.
게시됨: 3/26/2019업데이트됨: 11/21/2024
설명
An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.
AI 분석AI 기반
영향받는 제품
cmsmadesimplecms_made_simple
참조
- https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwgRelease NotesVendor Advisory
- https://www.cmsmadesimple.org/2019/03/Announcing-CMS-Made-Simple-v2.2.10-SpuzzumRelease NotesVendor Advisory
- https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwgRelease NotesVendor Advisory
- https://www.cmsmadesimple.org/2019/03/Announcing-CMS-Made-Simple-v2.2.10-SpuzzumRelease NotesVendor Advisory