How severe is CVE-2019-9057?

CVE-2019-9057 has a CVSS v3 score of 8.8 (HIGH).

CVE-2019-9057

Name: cms_made_simple
Author: cmsmadesimple

8.8HIGH

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.

Опубликовано: 3/26/2019Обновлено: 11/21/2024

Описание

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.

ИИ-АнализНа базе ИИ

Затронутые продукты

cmsmadesimplecms_made_simple

Ссылки

https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwg
Release NotesVendor Advisory
https://www.cmsmadesimple.org/2019/03/Announcing-CMS-Made-Simple-v2.2.10-Spuzzum
Release NotesVendor Advisory
https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwg
Release NotesVendor Advisory
https://www.cmsmadesimple.org/2019/03/Announcing-CMS-Made-Simple-v2.2.10-Spuzzum
Release NotesVendor Advisory