CVE-2024-55085

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-55085
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-55085.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-55085
Published
2024-12-16T23:15:06.607Z
Modified
2026-04-10T05:19:05.992496Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in the background management system, which can be used by an attacker to implement RCE.

References

Affected packages

Git / github.com/getsimplecms-ce/getsimplecms-ce

Affected ranges

Type
GIT
Repo
https://github.com/getsimplecms-ce/getsimplecms-ce
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ae72a6d8d6cf9247b5a3f197232351eb8432ce1b
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.3.19"
        }
    ]
}

Affected versions

v3.*
v3.3.16
v3.3.17
v3.3.18.1
v3.3.19.1
v3.3.19.1b

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-55085.json"