CVE-2022-25401

High

7.5/10

Summary

The copy function of the file manager in Cuppa CMS v1.0 allows any file to be copied to the current directory, granting attackers read access to arbitrary files.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

References

Advisory Timeline

Published Feb 24, 2022

CVE-2022-25401

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS