Description

External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3.

Related CPE's

a

flatpress

flatpress

Vulnerable

References

https://github.com/flatpressblog/flatpress/commit/5d5c7f6d8f072d14926fc2c3a97cdd763802f170

Patch

https://huntr.dev/bounties/4089a63f-cffd-42f3-b8d8-e80b6bd9c80f

ExploitIssue TrackingPatchThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-73

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

8.1 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2023-03-01T02:15:51.597

2 years ago

Last modified

2023-03-09T14:47:46.530

2 years ago