BIT-codeigniter-2023-32692

Import Source

https://github.com/bitnami/vulndb/tree/main/data/codeigniter/BIT-codeigniter-2023-32692.json

Aliases

CVE-2023-32692
GHSA-m6m8-6gq8-c9fj

Published

2024-03-06T10:51:07.577Z

Modified

2024-03-06T11:25:28.861Z

Details

CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.

References

https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md
https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj

Affected packages

Bitnami / codeigniter

Package

Name: codeigniter

Affected ranges

Type: SEMVER
Events: Introduced

0The exact introduced commit is unknown

Fixed

4.3.5