CVE-2024-22722 - CERT CVE
ID CVE-2024-22722
Sažetak Server Side Template Injection (SSTI) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary commands via the Group Name field under the add forms section of the application.
Reference
CVSS
Base: 7.2
Impact: 5.9
Exploitability:1.2
Pristup
VektorSloženostAutentikacija
NETWORK LOW HIGH
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 03-07-2024 - 01:47
Objavljeno 11-04-2024 - 20:15