PT-2022-16314 · Yzmcms · Yzmcms

Zpxlz

Published

2022-01-28

Updated

2022-02-03

CVE-2022-23889

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions YzmCMS version 6.3

Description The issue in YzmCMS allows attackers to create an unusually large number of comments due to the concurrent operation of the comment function.

Recommendations For YzmCMS version 6.3, consider disabling the comment function until a patch is available to prevent the creation of an unusually large number of comments.

Exploit

Fix

Uncontrolled Recursion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-674

Related Identifiers

CVE-2022-23889

Affected Products

Yzmcms

PT-2022-16314 · Yzmcms · Yzmcms

CVE-2022-23889

Weakness Enumeration

Related Identifiers

Affected Products

References · 3