CVE-2023-30130
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in packagist/craftcms/cms
Identifiers
CVE-2023-30130, GHSA-fjx5-xm7q-whvj
Package Slug
packagist/craftcms/cms
Vulnerability
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Description
An issue found in CraftCMS v.3.8.1 allows a remote attacker to execute arbitrary code via a crafted script to the Section parameter.
Affected Versions
All versions before 3.8.2
Solution
Upgrade to version 3.8.2 or above.
Last Modified
2023-05-15
| source |