ГлавнаяУязвимости → CVE-2024-50808
8.8высокая

CVE-2024-50808

Описание

SeaCms 13.1 is vulnerable to code injection in the notification module of the member message notification module in the backend user module, due to unsafe handling of the "notify" variable in admin_notify.php.

Затрагиваемое ПО
Seacms Seacms
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/v9d0g/CVEs/blob/main/CVE-2024-50808.md