ГлавнаяУязвимости → CVE-2024-52306
7.6высокая

CVE-2024-52306

Описание

FileManager provides a Backpack admin interface for files and folder. Prior to 3.0.9, deserialization of untrusted data from the mimes parameter could lead to remote code execution. This vulnerability is fixed in 3.0.9.

Затрагиваемое ПО
Backpackforlaravel Filemanager
CVSS
Балл7.6 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
Источники
https://github.com/Laravel-Backpack/FileManager/commit/2830498b85e05fb3c92179053b4d7c4a0fdb880bhttps://github.com/Laravel-Backpack/FileManager/security/advisories/GHSA-8237-957h-h2c2