CVE-2022-42092

描述

Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via `themes` that allows attackers to achieve Remote Code Execution.

受影響套件(1)

• Packagist/backdrop/backdropfrom 0, <= 1.22.0

CVSS 分數

參考連結(3)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-42092
• PATCHhttps://github.com/backdrop-ops/backdrop-composer
• WEBhttps://grimthereaperteam.medium.com/backdrop-cms-1-22-0-unrestricted-file-upload-themes-ad42a599561c