Skip to content

CVE-2023-46990

Deserialization of Untrusted Data in PublicCMS v.4.0.202302.e allows a remote attacker to execute arbitrary code via a crafted script to the writeReplace function..This CVE has a CVSS3.1 score of 6.2 and a Base Severity of MEDIUM.

InfoDetails
CVE IDCVE-2023-46990
CVE StatePUBLISHED
BaseScoreNA
BaseSeverityNA
VectorStringNA
VersionNA

References for CVE-2023-46990 :
https://github.com/sanluan/PublicCMS/issues/76#issue-1960443408

Metric TypeMetric Score
AttackVector(AV)NA
AttackComplexity(AC)NA
PrivilegesRequired(PR)NA
UserInteraction(UI)NA
Scope(S)NA
Confidentiality(C)NA
Availability(A)NA
Integrity(I)NA
Tags: