Vulnerabilities > CVE-2023-22953 - Unspecified vulnerability in Expressionengine

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
expressionengine
NVD
Published: 2023-02-09
Updated: 2023-03-03

Summary

In ExpressionEngine before 7.2.6, remote code execution can be achieved by an authenticated Control Panel user.

Vulnerable Configurations

Part Description Count
Application
Expressionengine
191

References