Lucene search

PRIOn knowledge basePRION:CVE-2023-33690

HistoryJun 05, 2023 - 4:15 p.m.

Path traversal

2023-06-0516:15:00

PRIOn knowledge base

www.prio-n.com

sonicjs

v0.7.0

path traversal

authenticated

special characters

backup cms

nvd

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.5%

JSON

SonicJS up to v0.7.0 allows attackers to execute an authenticated path traversal when an attacker injects special characters into the filename of a backup CMS.

CPENameOperatorVersion
sonicjsge0.5.4
sonicjsle0.7.0

CPE	Name	Operator	Version
	sonicjs	ge	0.5.4
	sonicjs	le	0.7.0

References

github.com/lane711/sonicjs/pull/183

youtu.be/6ZuwA9CkQLg