Products
Vtenext
- 21.02
Source
cve@mitre.org
Tags
CVE-2023-46694 details
Published : May 28, 2024, 8:16 p.m.
Last Modified : May 28, 2024, 8:16 p.m.
Last Modified : May 28, 2024, 8:16 p.m.
Description
Vtenext 21.02 allows an authenticated attacker to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the Ckeditor file manager functionality.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
References
URL | Source |
---|---|
https://github.com/invisiblebyte/CVE-2023-46694 | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.