Lucene search
MitreCVE-2023-24612HistoryJan 30, 2023 - 3:15 a.m.
CVE-2023-24612
2023-01-3003:15:09
CWE-77
mitre
web.nvd.nist.gov
82
pdfbook
mediawiki
cve-2023-24612
command injection
security vulnerability
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.001
Percentile
45.1%
The PdfBook extension through 2.0.5 before b07b6a64 for MediaWiki allows command injection via an option.
Affected configurations
Node
pdfbook_projectpdfbookRange≤2.0.5mediawiki
| Vendor | Product | Version | CPE |
|---|---|---|---|
| pdfbook_project | pdfbook | * | cpe:2.3:a:pdfbook_project:pdfbook:*:*:*:*:*:mediawiki:*:* |
Related
nvd
nvd
CVE-2023-24612
2023-01-30 03:15:09
cvelist
cvelist
CVE-2023-24612
2023-01-30 00:00:00
prion
prion
Command injection
2023-01-30 03:15:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.001
Percentile
45.1%
Related for CVE-2023-24612