CVE-2023-22953

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-22953
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-22953.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-22953
Published
2023-02-09T15:15:11Z
Modified
2024-09-03T04:15:54.348976Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In ExpressionEngine before 7.2.6, remote code execution can be achieved by an authenticated Control Panel user.

References

Affected packages

Git / github.com/expressionengine/expressionengine

Affected ranges

Type
GIT
Repo
https://github.com/expressionengine/expressionengine
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

2.*

2.10.1

4.*

4.3.6

5.*

5.0.0
5.0.1
5.0.2
5.1.0
5.1.0-dp.1
5.1.1
5.1.2
5.1.3
5.2.0
5.2.1
5.2.2
5.2.3
5.2.4
5.2.5
5.2.6
5.3.0

6.*

6.0.0
6.0.1
6.0.2
6.0.3
6.0.3-dp.1
6.0.3-dp.2
6.0.3-dp.3
6.0.3-dp.4
6.0.3-dp.5
6.0.3-dp.6
6.0.4
6.0.4-dp.1
6.0.4-dp.2
6.0.4-dp.3
6.0.5
6.0.5-dp.1
6.0.6
6.0.6-dp.1
6.1.0
6.1.0-a.1-dp.1
6.1.0-a.1-dp.2
6.1.0-dp.1
6.1.0-rc.1-dp.1
6.1.0-rc.1-dp.10
6.1.0-rc.1-dp.11
6.1.0-rc.1-dp.12
6.1.0-rc.1-dp.13
6.1.0-rc.1-dp.14
6.1.0-rc.1-dp.15
6.1.0-rc.1-dp.16
6.1.0-rc.1-dp.17
6.1.0-rc.1-dp.18
6.1.0-rc.1-dp.19
6.1.0-rc.1-dp.2
6.1.0-rc.1-dp.20
6.1.0-rc.1-dp.21
6.1.0-rc.1-dp.22
6.1.0-rc.1-dp.23
6.1.0-rc.1-dp.24
6.1.0-rc.1-dp.25
6.1.0-rc.1-dp.26
6.1.0-rc.1-dp.27
6.1.0-rc.1-dp.28
6.1.0-rc.1-dp.29
6.1.0-rc.1-dp.3
6.1.0-rc.1-dp.30
6.1.0-rc.1-dp.31
6.1.0-rc.1-dp.32
6.1.0-rc.1-dp.33
6.1.0-rc.1-dp.34
6.1.0-rc.1-dp.35
6.1.0-rc.1-dp.4
6.1.0-rc.1-dp.5
6.1.0-rc.1-dp.6
6.1.0-rc.1-dp.7
6.1.0-rc.1-dp.8
6.1.0-rc.1-dp.9
6.1.1
6.1.1-dp.1
6.1.2
6.1.3
6.1.4
6.1.4-dp.1
6.1.4-dp.2
6.1.4-dp.3
6.1.4-dp.4
6.1.5
6.1.5-dp.1
6.1.6
6.1.6-dp.10
6.1.6-dp.11
6.1.6-dp.12
6.1.6-dp.13
6.1.6-dp.14
6.1.6-dp.15
6.1.6-dp.17
6.1.6-dp.18
6.1.6-dp.19
6.1.6-dp.20
6.1.6-dp.21
6.2.0
6.2.0-dp.1
6.2.0-dp.10
6.2.0-dp.11
6.2.0-dp.12
6.2.0-dp.13
6.2.0-dp.14
6.2.0-dp.2
6.2.0-dp.3
6.2.0-dp.4
6.2.0-dp.5
6.2.0-dp.6
6.2.0-dp.7
6.2.0-dp.8
6.2.0-dp.9
6.2.1
6.2.1-dp.1
6.2.2
6.2.2-dp.1
6.2.2-dp.2
6.2.3
6.2.3-dp.1
6.2.4
6.2.4-dp.1
6.2.4-dp.10
6.2.4-dp.2
6.2.4-dp.3
6.2.4-dp.4
6.2.4-dp.5
6.2.4-dp.6
6.2.4-dp.7
6.2.4-dp.8
6.2.4-dp.9
6.2.5
6.2.5-dp.1
6.2.5-dp.2
6.2.5-dp.3
6.2.6
6.2.6-dp.1
6.2.6-dp.2
6.2.6-dp.3
6.2.6-dp.4
6.2.7
6.2.7-dp.1
6.3.0
6.3.0-dp.1
6.3.0-dp.10
6.3.0-dp.11
6.3.0-dp.12
6.3.0-dp.13
6.3.0-dp.14
6.3.0-dp.15
6.3.0-dp.16
6.3.0-dp.17
6.3.0-dp.18
6.3.0-dp.19
6.3.0-dp.2
6.3.0-dp.20
6.3.0-dp.21
6.3.0-dp.22
6.3.0-dp.23
6.3.0-dp.24
6.3.0-dp.25
6.3.0-dp.26
6.3.0-dp.27
6.3.0-dp.28
6.3.0-dp.29
6.3.0-dp.30
6.3.0-dp.31
6.3.0-dp.32
6.3.0-dp.33
6.3.0-dp.34
6.3.0-dp.35
6.3.0-dp.36
6.3.0-dp.37
6.3.0-dp.38
6.3.0-dp.39
6.3.0-dp.4
6.3.0-dp.40
6.3.0-dp.41
6.3.0-dp.42
6.3.0-dp.43
6.3.0-dp.44
6.3.0-dp.5
6.3.0-dp.6
6.3.0-dp.7
6.3.0-dp.8
6.3.0-dp.9
6.3.1
6.3.1-dp.1
6.3.1-dp.2
6.3.1-dp.3
6.3.2
6.3.2-dp.1
6.3.2-dp.2
6.3.2-dp.3
6.3.2-dp.4
6.3.2-dp.5
6.3.2-dp.6
6.3.3
6.3.3-dp.1
6.3.4
6.3.4-dp.1
6.3.4-dp.2
6.3.5-dp.1
6.3.5-dp.10
6.3.5-dp.11
6.3.5-dp.12
6.3.5-dp.13
6.3.5-dp.16
6.3.5-dp.17
6.3.5-dp.2
6.3.5-dp.3
6.3.5-dp.4
6.3.5-dp.5
6.3.5-dp.6
6.3.5-dp.7
6.3.5-dp.8
6.3.5-dp.9

7.*

7.0.0
7.0.0-a.1
7.0.0-dp.1
7.0.0-dp.10
7.0.0-dp.11
7.0.0-dp.12
7.0.0-dp.13
7.0.0-dp.14
7.0.0-dp.17
7.0.0-dp.21
7.0.0-dp.22
7.0.0-dp.23
7.0.0-dp.24
7.0.0-dp.4
7.0.0-dp.5
7.0.0-dp.6
7.0.0-dp.7
7.0.0-dp.8
7.0.0-dp.9
7.0.0-rc.1-dp.1
7.0.0-rc.1-dp.10
7.0.0-rc.1-dp.11
7.0.0-rc.1-dp.12
7.0.0-rc.1-dp.13
7.0.0-rc.1-dp.14
7.0.0-rc.1-dp.15
7.0.0-rc.1-dp.16
7.0.0-rc.1-dp.17
7.0.0-rc.1-dp.18
7.0.0-rc.1-dp.19
7.0.0-rc.1-dp.2
7.0.0-rc.1-dp.20
7.0.0-rc.1-dp.3
7.0.0-rc.1-dp.4
7.0.0-rc.1-dp.5
7.0.0-rc.1-dp.6
7.0.0-rc.1-dp.7
7.0.0-rc.1-dp.8
7.0.0-rc.1-dp.9
7.0.0-rc.2-dp.1
7.0.0-rc.2-dp.2
7.0.0-rc.2-dp.3
7.0.0-rc.2-dp.4
7.0.0-rc.2-dp.5
7.0.0-rc.2-dp.6
7.0.0-rc.2-dp.7
7.0.0-rc.3-dp.1
7.0.0-rc.3-dp.3
7.0.0-rc.3-dp.4
7.0.0-rc.3-dp.5
7.0.0-rc.3-dp.6
7.0.0-rc.3-dp.7
7.0.0-rc.3-dp.8
7.0.0-rc.4-dp.1
7.0.0-rc.4-dp.2
7.0.0-rc.4-dp.3
7.0.0-rc.4-dp.4
7.0.0-rc.4-dp.5
7.0.0-rc.4-dp.6
7.0.0-rc.4-dp.7
7.0.0-rc.4-dp.8
7.0.0-rc.4-dp.9
7.0.1
7.0.1-dp.1
7.0.1-dp.2
7.0.1-dp.3
7.0.2
7.0.2-dp.1
7.0.3
7.0.3-dp.1
7.0.3-dp.2
7.0.3-dp.3
7.0.3-dp.4
7.0.3-dp.5
7.1.0
7.1.0-dp.1
7.1.0-dp.2
7.1.0-dp.3
7.1.0-dp.4
7.1.0-dp.5
7.1.1
7.1.1-dp.1
7.1.2
7.1.2-dp.1
7.1.3
7.1.3-dp.1
7.1.3-dp.2
7.1.4
7.1.4-dp.1
7.1.4-dp.2
7.1.5
7.1.5-dp.1
7.1.5-dp.2
7.1.6
7.1.6-dp.1
7.1.6-dp.2
7.1.6-dp.3
7.2.0
7.2.0-dp.1
7.2.0-dp.10
7.2.0-dp.11
7.2.0-dp.12
7.2.0-dp.13
7.2.0-dp.14
7.2.0-dp.15
7.2.0-dp.16
7.2.0-dp.17
7.2.0-dp.18
7.2.0-dp.19
7.2.0-dp.2
7.2.0-dp.20
7.2.0-dp.21
7.2.0-dp.22
7.2.0-dp.23
7.2.0-dp.24
7.2.0-dp.25
7.2.0-dp.3
7.2.0-dp.4
7.2.0-dp.5
7.2.0-dp.6
7.2.0-dp.7
7.2.0-dp.8
7.2.0-dp.9
7.2.1
7.2.1-dp.1
7.2.1-dp.2
7.2.1-dp.3
7.2.2
7.2.2-dp.1
7.2.3
7.2.3-dp.1
7.2.4
7.2.4-dp.1
7.2.5
7.2.5-dp.1
7.2.5-dp.2
7.2.5-dp.3
7.2.5-dp.4
7.2.5-dp.5
7.2.6-dp.1
7.2.6-dp.10
7.2.6-dp.2
7.2.6-dp.3
7.2.6-dp.5
7.2.6-dp.6
7.2.6-dp.7
7.2.6-dp.8
7.2.6-dp.9