Source: cvelist (NCSC.ch), CVELIST:CVE-2023-28731
History: Mar 30, 2023 - 11:25 a.m.

CVE-2023-28731 Unauthenticated RCE affecting the AcyMailing plugin for Joomla

Published: 2023-03-30 11:25:36
CWE: CWE-434 (Unrestricted Upload of File with Dangerous Type), CWE-20 (Improper Input Validation)
Reporter: NCSC.ch
Reference: www.cve.org

Tags: cve-2023-28731, unauthenticated, rce, anymailing, joomla, plugin, enterprise, vulnerable, remote code execution, unrestricted file upload, php code injection

CVSS3: 9.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 9.9 (Confidence: High)
EPSS: 0.004 (Percentile: 72.6%)

The AcyMailing Joomla plugin is vulnerable to unauthenticated remote code execution when a user is granted access to campaign creation in the front office: an unrestricted file upload allows PHP code to be uploaded and executed.

This issue affects the AcyMailing Joomla plugin, Enterprise edition, in versions below 8.3.0.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Newsletter Plugin for Joomla in the Enterprise version",
    "vendor": "AcyMailing",
    "versions": [
      {
        "lessThan": "8.3.0",
        "status": "affected",
        "version": "0",
        "versionType": "git"
      }
    ]
  }
]
