Back

CVE-2023-46694

May 28, 2024, 8:16 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Vtenext

  • 21.02

Source

cve@mitre.org

Tags

cve@mitre.org
2024-05-28
CVE-2023-46694

CVE-2023-46694 details

Published : May 28, 2024, 8:16 p.m.
Last Modified : May 28, 2024, 8:16 p.m.

Description

Vtenext 21.02 allows an authenticated attacker to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the Ckeditor file manager functionality.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://github.com/invisiblebyte/CVE-2023-46694 cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.