CVE-2023-4447

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-4447

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4447.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-4447

Published

2023-08-21T02:15:10Z

Modified

2025-01-14T12:00:24.748217Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability has been found in OpenRapid RapidCMS 1.3.1 and classified as critical. This vulnerability affects unknown code of the file admin/article-chat.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237568.

References

Affected packages

Git / github.com/openrapid/rapidcms

Affected ranges

Type: GIT
Repo: https://github.com/openrapid/rapidcms
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

e0ce52452522bbccf72f3c772bb0afe3fc2969d7

Affected versions

1.*

1.3.1

Dev.*

Dev.1.1.6

Dev.1.2.0

Dev.1.2.1

Dev.1.2.2

Dev.1.2.3

Dev.1.2.4

Dev.1.2.6