← back
CVE-2022-27256

CVE-2022-27256

EPSS 1.4%
A PHP Local File inclusion vulnerability in the Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://framagit.org/hubzilla/core/-/commit/0784cd593a39a4fc297e8a82f7e79bc8019a0868#1c497fbb3a46b78edf04cc2a2fa33f67e3ffbe2ahttps://hubzilla.org/channel/hubzilla/https://volse.net/~haraldei/infosec/disclosures/hubzilla-before-7-2-multiple-vulnerabilities/