SecBoard
Zurück zur CVE-Übersicht

CVE-2022-24241

HIGH(7.5)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Risk Signal Score19/100 — NIEDRIG
  • CVSS 7.5 — Hoch

EPSS-Score

1%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

7.5

Technische Schwere

Beschreibung

ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp.

Referenzen