PT-2023-10625 · Bastianallgeier · Bastianallgeier Kirby Webmentions Plugin

Bastianallgeier

Publicado

2023-01-19

Atualizado

2024-05-17

CVE-2017-20174

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions bastianallgeier Kirby Webmentions Plugin (affected versions not specified)

Description A vulnerability was found in the bastianallgeier Kirby Webmentions Plugin, allowing for injection attacks. The manipulation can be launched remotely, but the complexity of the attack is rather high, and exploitation is known to be difficult.

Recommendations Apply a patch to fix this issue. The patch is identified as 55bedea78ae9af916a9a41497bd9996417851502.

Correção

Special Elements Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-74

Identificadores relacionados

CVE-2017-20174

Produtos afetados

Bastianallgeier Kirby Webmentions Plugin

PT-2023-10625 · Bastianallgeier · Bastianallgeier Kirby Webmentions Plugin

CVE-2017-20174

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6