← volver
CVE-2022-23810

CVE-2022-23810

EPSS 1.1%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
24 feb 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Template injection (Improper Neutralization of Special Elements Used in a Template Engine) vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to Ver.3.0.1 allows a remote authenticated attacker to obtain an arbitrary file on the server via unspecified vectors.
Productos afectados
appleple inc. · a-blog cms

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://developer.a-blogcms.jp/blog/news/security-202202.htmlhttps://jvn.jp/en/jp/JVN14706307/index.html