CVE-2019-18854

Sažetak

A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '<use ... xlink:href="#identifier">' substring.

Reference

https://plugins.trac.wordpress.org/changeset/2185438
https://wordpress.org/plugins/safe-svg/#developers
https://fortiguard.com/zeroday/FG-VD-19-113
https://wpvulndb.com/vulnerabilities/9937

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

24-10-2023 - 18:41

Objavljeno

11-11-2019 - 15:15