Back to overview

CVE-2023-4159

CRITICAL Exploitation: PoC
9.9
CVSS 3.0
Description
Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3.

Metadata

CVE ID
CVE-2023-4159
State
PUBLISHED
Assigner
@huntrdev
Reserved
2023-08-04 17:17 UTC
Published
2023-08-04 17:17 UTC
Last updated
2024-10-09 19:14 UTC
Primary CWE
CWE-434
CWE-434 Unrestricted Upload of File with Dangerous Type
Vendor / Product
omeka / omeka/omeka-s
Sources
cve.org  ·  NVD

Severity & Metrics

9.9 CRITICAL CVSS 3.0
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
SSVC — CISA Coordinator
Exploitation
PoC
Automatable
no
Tech. Impact
total
Affected products (1)
VendorProductPlatformVersions
omeka omeka/omeka-s unspecified < 4.0.3
Weakness (CWE)
CWESourceDescription
CWE-434 cna CWE-434 Unrestricted Upload of File with Dangerous Type
CVSS scores (1)
ScoreSeverityVersionSourceVector
9.9 CRITICAL 3.0 cna CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References (2)
Back to overview