6.3.8

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-19	CVE-2014-2302	Code Injection vulnerability in Webedition CMS 6.2.7.0/6.3.3.0/6.3.8 The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x before 6.3.8-s1 allows remote attackers to conduct PHP Object Injection attacks by intercepting a request to update.webedition.org. network low complexity webedition CWE-94	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.