CVE-2023-39377

Summary

SiberianCMS - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method

Affected Software

VendorProductVersion RangeStatus
SiberianCMSSiberianCMSversions 4.*, 5.* <= upgrade to version 4.20.44 or 5.0.4affected

Weaknesses

  • CWE-434: CWE-434 Unrestricted Upload of File with Dangerous Type

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References