CVE-2023-41005
HIGH7.8EPSS 1.0%Command injection in pagekit
Published: 8/29/2023Modified: 2/16/2024
Description
An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php
Affected packages (1)
- Packagist/pagekit/pagekitfrom 0, <= 1.0.18
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |