Lucene search

PRIOn knowledge basePRION:CVE-2023-22851

HistoryJan 14, 2023 - 2:15 a.m.

Code injection

2023-01-1402:15:00

PRIOn knowledge base

www.prio-n.com

code injection

tiki

php object injection

vulnerability

unserialize call

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.5%

Tiki before 24.2 allows lib/importer/tikiimporter_blog_wordpress.php PHP Object Injection by an admin because of an unserialize call.

CPENameOperatorVersion
tikilt24.2

CPE	Name	Operator	Version
	tiki	lt	24.2

References

karmainsecurity.com/KIS-2023-04

tiki.org/articles