ГлавнаяУязвимости → CVE-2025-67079
9.8критическая

CVE-2025-67079

Описание

File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions.

Затрагиваемое ПО
Agora-project Agora-project
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.agora-project.nethttps://www.helx.io/blog/advisory-agora-project/