sromanhu/CVE-2023-43352-CMSmadesimple-SSTI--Content

Releases0

SSTI vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to use native template syntax to inject a malicious payload into a template, which is then executed server-side

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-43352 ↗	Oct 26, 2023Thursday, 26 October 2023, 22:15	7.8 HIGH	—
An issue in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload to the Content Manager Menu component.