← volver
CVE-2023-1105

External Control of File Name or Path in flatpressblog/flatpress

CVSS 7.5 HIGHEPSS 0.7%CWE-73
External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Productos afectados
flatpressblog · flatpressblog/flatpress

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/flatpressblog/flatpress/commit/5d5c7f6d8f072d14926fc2c3a97cdd763802f170https://huntr.dev/bounties/4089a63f-cffd-42f3-b8d8-e80b6bd9c80f