PT-2023-19709 · Pdfbook · Pdfbook

Thomas Gerbet

·

Published

2023-01-30

·

Updated

2023-02-07

·

CVE-2023-24612

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions PdfBook extension versions 2.0.5 and earlier
Description The issue allows command injection via an option.
Recommendations For PdfBook extension versions 2.0.5 and earlier, update to a version after b07b6a64 to resolve the issue.

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2023-24612

Affected Products

Pdfbook