Lucene search

K
githubexploit1E3F45E7-D4D8-523D-95A8-F1D23AE1DEEC
HistoryFeb 01, 2023 - 6:21 p.m.

Exploit for Incorrect Authorization in Dompdf Project Dompdf

2023-02-0118:21:23
464
dompdf
uri validation
svg parsing
cve-2023-23924
php
file inclusion
phar deserialization

CVSS3

10

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H

AI Score

9.7

Confidence

High

EPSS

0.01

Percentile

84.0%

CVE-2023-23924

Dompdf vulnerable to URI validation failure on…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

CVSS3

10

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H

AI Score

9.7

Confidence

High

EPSS

0.01

Percentile

84.0%