CVE-2021-46364

HIGH7.8EPSS 1.0%

Deserialization of Untrusted Data in Magnolia CMS

Published: 2/12/2022Modified: 11/8/2023

Description

A vulnerability in the Snake YAML parser of Magnolia CMS v6.2.3 and below allows attackers to execute arbitrary code via a crafted YAML file.

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.8	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H