CVE-2023-39377

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-39377
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-39377.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-39377
Published
2023-09-27T15:18:56.087Z
Modified
2025-11-20T12:19:39.538891Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

SiberianCMS - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method

References

Affected packages

Git / github.com/xtraball/siberiancms

Affected ranges

Type
GIT
Repo
https://github.com/xtraball/siberiancms
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
bddfa0d877608857a2c6905dfd8a6b4fa9b70eda

Affected versions

4.*

4.14.15
4.15.11
4.15.12
4.15.13
4.15.14
4.15.3
4.15.4
4.15.5
4.15.6
4.15.7
4.15.8
4.15.9
4.18.12
4.18.16
4.18.17
4.18.18
4.18.19
4.18.20
4.18.21
4.18.22
4.18.23
4.18.25
4.18.3
4.18.4
4.18.5
4.18.6
4.18.7
4.18.8
4.18.9
4.19.0
4.19.1
4.19.10
4.19.11
4.19.12
4.19.13
4.19.2
4.19.3
4.19.4
4.19.5
4.19.6
4.19.7
4.19.8
4.19.9
4.20.0
4.20.1
4.20.10
4.20.11
4.20.12
4.20.13
4.20.14
4.20.15
4.20.16
4.20.17
4.20.18
4.20.19
4.20.2
4.20.20
4.20.21
4.20.22
4.20.23
4.20.24
4.20.25
4.20.26
4.20.27
4.20.28
4.20.29
4.20.3
4.20.30
4.20.31
4.20.32
4.20.33
4.20.34
4.20.37
4.20.38
4.20.39
4.20.4
4.20.40
4.20.41
4.20.42
4.20.5
4.20.6
4.20.7
4.20.8
4.20.9

Other

mark-i
mark-pre-update

v4.*

v4.12.18
v4.12.19
v4.12.20
v4.12.21
v4.12.22
v4.12.23
v4.13.0
v4.13.1
v4.13.10
v4.13.11
v4.13.12
v4.13.13
v4.13.14
v4.13.15
v4.13.16
v4.13.17
v4.13.18
v4.13.19
v4.13.2
v4.13.20
v4.13.3
v4.13.4
v4.13.5
v4.13.6
v4.13.7
v4.13.8
v4.13.9
v4.14.0
v4.14.1
v4.14.10
v4.14.11
v4.14.12
v4.14.13
v4.14.13-beta.1
v4.14.2
v4.14.3
v4.14.4
v4.14.5
v4.14.6
v4.14.7
v4.14.8
v4.14.9
v4.15.0
v4.15.0-beta.1
v4.15.0-beta.2
v4.15.1
v4.15.10
v4.15.11
v4.15.12
v4.15.13
v4.15.14
v4.15.15
v4.15.2
v4.15.3
v4.15.4
v4.15.5
v4.15.6
v4.15.7
v4.15.8
v4.15.9
v4.16.0
v4.16.1
v4.16.10
v4.16.11
v4.16.12
v4.16.2
v4.16.3
v4.16.4
v4.16.5
v4.16.6
v4.16.7
v4.16.8
v4.16.9
v4.17.0
v4.17.1
v4.17.10
v4.17.11
v4.17.2
v4.17.3
v4.17.4
v4.17.5
v4.17.6
v4.17.7
v4.17.8
v4.17.9
v4.18.0
v4.18.1
v4.18.10
v4.18.11
v4.18.12
v4.18.13
v4.18.14
v4.18.15
v4.18.16
v4.18.17
v4.18.18
v4.18.19
v4.18.2
v4.18.20
v4.18.21
v4.18.22
v4.18.23
v4.18.24
v4.18.25
v4.18.3
v4.18.4
v4.18.5
v4.18.6
v4.18.7
v4.18.9
v4.19.0
v4.19.1
v4.19.10
v4.19.11
v4.19.12
v4.19.13
v4.19.2
v4.19.3
v4.19.4
v4.19.5
v4.19.6
v4.19.7
v4.19.8
v4.19.9
v4.20.0
v4.20.1
v4.20.10
v4.20.11
v4.20.12
v4.20.13
v4.20.14
v4.20.15
v4.20.16
v4.20.17
v4.20.18
v4.20.19
v4.20.2
v4.20.20
v4.20.21
v4.20.22
v4.20.23
v4.20.24
v4.20.25
v4.20.26
v4.20.27
v4.20.28
v4.20.29
v4.20.3
v4.20.30
v4.20.32
v4.20.34
v4.20.35
v4.20.37
v4.20.38
v4.20.39
v4.20.4
v4.20.40
v4.20.41
v4.20.42
v4.20.43
v4.20.5
v4.20.6
v4.20.7
v4.20.8
v4.20.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-39377.json"