Required CVE Record Information
Description
An attacker may inject commands via specially-crafted post requests.
CVSS 2 Total
| Score | Severity | Version | Vector String |
|---|---|---|---|
| 7.5 | HIGH | 3.1 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| 8.7 | HIGH | 4.0 | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Credits
- Jon Hurtado of Sandia National Laboratory reported these vulnerabilities to CISA. finder