How severe is CVE-2019-9057?

CVE-2019-9057 has a CVSS v3 score of 8.8 (HIGH).

CVE-2019-9057

Name: cms_made_simple
Author: cmsmadesimple

8.8HIGH

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.

Publicado: 3/26/2019Atualizado: 11/21/2024

Descrição

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.

Análise IADesenvolvido por IA

Produtos Afetados

cmsmadesimplecms_made_simple

Referências

https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwg
Release NotesVendor Advisory
https://www.cmsmadesimple.org/2019/03/Announcing-CMS-Made-Simple-v2.2.10-Spuzzum
Release NotesVendor Advisory
https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwg
Release NotesVendor Advisory
https://www.cmsmadesimple.org/2019/03/Announcing-CMS-Made-Simple-v2.2.10-Spuzzum
Release NotesVendor Advisory