PT-2023-29056 · Unknown · Presto Changeo Testsitecreator
Published
2023-10-05
·
Updated
2024-09-19
·
CVE-2023-43981
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Presto Changeo testsitecreator versions up to 1.1.1
Description
A deserialization vulnerability was discovered in Presto Changeo testsitecreator via the component delete excluded folder.php.
Recommendations
For Presto Changeo testsitecreator versions up to 1.1.1, consider disabling access to the delete excluded folder.php component until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Presto Changeo Testsitecreator