Vulnerabilities > Publiccms > Publiccms > 4.0.202302.e
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-20 | CVE-2023-46990 | Deserialization of Untrusted Data vulnerability in Publiccms 4.0.202302.E Deserialization of Untrusted Data in PublicCMS v.4.0.202302.e allows a remote attacker to execute arbitrary code via a crafted script to the writeReplace function. | 9.8 |
2023-11-16 | CVE-2023-48204 | Server-Side Request Forgery (SSRF) vulnerability in Publiccms 4.0.202302.E An issue in PublicCMS v.4.0.202302.e allows a remote attacker to obtain sensitive information via the appToken and Parameters parameter of the api/method/getHtml component. | 6.5 |