ГлавнаяУязвимости → CVE-2025-31131
8.6высокая

CVE-2025-31131

Описание

YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. This vulnerability is fixed in 4.5.2.

Затрагиваемое ПО
Yeswiki Yeswiki
CVSS
Балл8.6 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Источники
https://github.com/YesWiki/yeswiki/commit/f78c915369a60c74ab8f38561ae93a4aaca9b989https://github.com/YesWiki/yeswiki/security/advisories/GHSA-w34w-fvp3-68xm