CVE-2022-24977

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-24977

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24977.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-24977

Aliases

GHSA-389p-fchr-q2mg

Published

2022-02-14T12:15:27.867Z

Modified

2026-03-14T14:59:28.177520Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHPSESSIONUPLOADPROGRESS when the PHP installation supports uploadprogress.

References

Affected packages

Git / github.com/impresscms/impresscms

Affected ranges

Type

GIT

Repo

https://github.com/impresscms/impresscms

Events

Introduced

Fixed

2e3f2b3963ebfa4e5dcaf50c31ff4daa1eb901be

Fixed

a66d7bb499faafab803e24833606028fa0ba4261

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.4.2"
        }
    ]
}

Affected versions

1.*

1.3.10-beta

1.3.8

1.3.8-beta

1.3.9

1.3.9_rc

1.4.1

impresscms_1.*

impresscms_1.3.3

impresscms_1.3.4

v1.*

v1.3.10

v1.3.11

v1.3.11-beta

v1.3.11-beta2

v1.3.11-rc

v1.3.11-rc2

v1.3.8

v1.4.0

v1.4.0-alpha

v1.4.0-alpha.2

v1.4.0-beta

v1.4.0-rc

v1.4.1_beta

v1.4.2

v1.4.2_rc

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24977.json"