Lucene search
GoogleOSV:CVE-2023-22850HistoryJan 14, 2023 - 2:15 a.m.
CVE-2023-22850
2023-01-1402:15:11
Google
osv.dev
10
tiki 24.1 spreadsheets php object injection
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
High
EPSS
0.001
Percentile
43.3%
Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object Injection because of an unserialize call.
Related
cvelist
cvelist
CVE-2023-22850
2023-01-14 00:00:00
prion
prion
Code injection
2023-01-14 02:15:00
nvd
nvd
CVE-2023-22850
2023-01-14 02:15:11
cve
cve
CVE-2023-22850
2023-01-14 02:15:11
packetstorm
packetstorm
Tiki Wiki CMS Groupware 24.0 grid.php PHP Object Injection
2023-01-10 00:00:00
zdt
zdt
Tiki Wiki CMS Groupware 24.0 grid.php PHP Object Injection Vulnerability
2023-01-10 00:00:00
openvas
openvas
Tiki Wiki < 24.1 Multiple Vulnerabilities
2023-01-16 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
High
EPSS
0.001
Percentile
43.3%
Related for OSV:CVE-2023-22850