Description

Acunetix determined that the Craft CMS is vulnerable to remote code execution.

Remediation

Upgrade to the latest version of Craft CMS

References

Craft CMS Remote Code Execution vulnerability

CraftCMS RCE

Related Vulnerabilities

phpMyFAQ Other Vulnerability (CVE-2006-6913)

GlassFish CVE-2017-10400 Vulnerability (CVE-2017-10400)

MySQL CVE-2017-3636 Vulnerability (CVE-2017-3636)

Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-35133)

Java Unspesificed Vulnerability (CVE-2020-14803)

Severity

Critical

Classification

CVE-2023-41892 CWE-94 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

Tags

Code Execution Known Vulnerabilities