3 matches found
CVE-2023-38491
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to upload an arbitrary file to the content...
CVE-2023-38491
creationtimestamp| type| source ---|---|--- 2023-07-27 20:28:47+00:00| seen| https://t.me/cibsecurity/67339...
CVE-2023-38491
Summary: CVE-2023-38491 affects Kirby CMS prior to versions 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. The vulnerability arises from Kirby\u2019s MIME type handling in Response::file(), which could fail to determine the correct MIME for uploaded files, causing the browser to treat a file as t...